Analysis
-
max time kernel
128s -
max time network
149s -
platform
windows10_x64 -
resource
win10v200430 -
submitted
11/06/2020, 07:42
Static task
static1
Behavioral task
behavioral1
Sample
00b2679e73e28343fd153df9858bc910.exe
Resource
win7v200430
windows7_x64
0 signatures
0 seconds
Behavioral task
behavioral2
Sample
00b2679e73e28343fd153df9858bc910.exe
Resource
win10v200430
windows10_x64
0 signatures
0 seconds
General
-
Target
00b2679e73e28343fd153df9858bc910.exe
-
Size
715KB
-
MD5
00b2679e73e28343fd153df9858bc910
-
SHA1
f27390cdca4afea0ffeda89f117931858e7f5a7f
-
SHA256
6396ea2ef48aa3d3a61fb2e1ca50ac3711c376ec2b67dbaf64eeba49f5dfa9df
-
SHA512
35b06555bd088bdcdd13f3377832073ebdae9053fe8a640c41470560da1f093abe65d6cfc4cfce30a9af708a8926ea646c801b6c155d0517e612f807472a7261
Score
10/10
Malware Config
Extracted
Path
C:\odt\!!FAQ for Decryption!!.txt
Ransom Note
Good day. All your files are encrypted. For decryption contact us.
Write here [email protected]
We also inform that your databases, ftp server and file server were downloaded by us to our servers.
* Do not rename encrypted files.
* Do not try to decrypt your data using third party software,
it may cause permanent data loss.
Emails
Signatures
-
Drops file in Program Files directory 16122 IoCs
description ioc Process File opened for modification C:\program files\java\jre1.8.0_66\lib\jfr.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\assets\getstartedapplist.targetsize-16_altform-unplated_contrast-black.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\homebanner_light.pdf svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\unified-share\js\nls\pl-pl\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\assets\getstartedapplist.targetsize-64_altform-unplated_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\jumbo\mask\13d.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorapplist.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\viewer\nls\pt-br\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\common files\adobe\reader\dc\linguistics\providers\plugins2\adobehunspellplugin\info.plist svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\mainpagestate2\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\assets\photoslogoextensions.targetsize-40.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\s_cancel_18.svg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\assets\insiderhubapplist.targetsize-48_contrast-black.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\img\themes\dark\faf_icons.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\images\illustrations.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\rightnav.gif svchost.exe File created C:\program files\videolan\vlc\locale\be\lc_messages\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.advertising.xaml_10.0.1605.0_x64__8wekyb3d8bbwe\appxblockmap.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\pdp\paint_pdp.xml svchost.exe File opened for modification C:\program files (x86)\common files\system\msadc\en-us\msdaprsr.dll.mui svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\manifestassets\contrast-black\icon.targetsize-48.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\jumbo\jumbo_1s.png svchost.exe File opened for modification C:\program files (x86)\windowspowershell\modules\pester\3.4.0\functions\assertions\belikeexactly.tests.ps1 svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weathericons\30x30\171.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\contrast-white\peoplewidetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\dk_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\5601_48x48x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\applist.targetsize-16_altform-unplated.png svchost.exe File created C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_neutral_resources.scale-150_8wekyb3d8bbwe\assets\contrast-white\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\1851_40x40x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\outlookmailwidetile.scale-125.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\pages-app\images\example_icons2x.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-modules-queries_ja.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.net.native.runtime.1.4_1.4.24201.0_x64__8wekyb3d8bbwe\appxblockmap.xml svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\combinepdf\js\nls\en-ae\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\meta-inf\eclipse_.rsa svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowssoundrecorder_10.1702.301.0_neutral_split.scale-125_8wekyb3d8bbwe\appxsignature.p7x svchost.exe File created C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_neutral_split.scale-100_8wekyb3d8bbwe\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\assets\insiderhubapplist.targetsize-16_altform-unplated_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themecreation\cancel.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_neutral_~_8wekyb3d8bbwe\appxmetadata\appxbundlemanifest.xml svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\aicuc\js\nls\sv-se\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\app-center\js\nls\sk-sk\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-recent-files\js\nls\ru-ru\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\7-zip\lang\ko.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\awards\spider\2_piece_silk_suit_.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\7834_24x24x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\voicerecorderapplist.contrast-black_targetsize-72_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\work\largetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\icons\tripeaks_menu_icon.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\exchangesmalltile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxcalendarapplist.targetsize-60.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\file_types\hi_contrast\aic_file_icons_highcontrast.png svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\fsdefinitions\symbols.xml svchost.exe File created C:\program files\common files\system\msadc\en-us\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.starclub\assets\pin\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\images\themes\dark\core_icons.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.skypeapp_11.8.204.0_neutral_split.scale-125_kzf8qxf38zg5c\skypeapp\assets\lockscreenbadgelogo.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\manifestassets\contrast-white\square44x44logo.targetsize-24_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\assets\thankyou\genericintl-1.jpg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\idtemplates\enu\adobeid.pdf svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\js\tool\selector.js svchost.exe File opened for modification C:\program files (x86)\msbuild\microsoft\windows workflow foundation\v3.5\workflow.targets svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\apptiles\contrast-white\mapswidetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenotepagewidetile.scale-200.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\viewer\nls\it-it\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\videolan\vlc\locale\fa\lc_messages\vlc.mo svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer\js\nls\nb-no\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\es-mx\tipresx.dll.mui svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\texturebitmaps\droplets.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\assets\images\moji_mask.contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxspeechtotextoverlay_1.14.2002.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\gamesxboxhubsplashscreen.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\tt_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\alarmsstorelogo.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\work\largetile.scale-100.png svchost.exe File opened for modification C:\program files\common files\microsoft shared\stationery\soft blue.htm svchost.exe File created C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\microsoft.system.package.metadata\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\ca_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\sz_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\work\ltr\widetile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\work\rtl\contrast-black\smalltile.scale-100.png svchost.exe File opened for modification C:\program files\7-zip\lang\th.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowscamera_2017.125.40.0_neutral_split.scale-200_8wekyb3d8bbwe\assets\windowsicons\windowscamerawidetile.contrast-black_scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\gameplayassets\particles\butterfly.respack svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\_resources\8.rsrc svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\linkedinboxbadge.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxcalendarapplist.targetsize-64_altform-unplated.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-recent-files\js\nls\de-de\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.apache.felix.gogo.shell_0.10.0.v201212101605.jar svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-jmx_zh_cn.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-white\storelogo.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\desktop-connector-files\js\nls\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorstorelogo.contrast-white_scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\voicerecorderlargetile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\contrast-white\applist.targetsize-256_altform-unplated_contrast-white.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\images\email\dummy\fake_logo.png svchost.exe File created C:\program files\mozilla firefox\browser\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\videolan\vlc\locale\he\lc_messages\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\home\contrast-black\widetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxa-google.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\apple-touch-icon-72x72-precomposed.png svchost.exe File created C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenotesectionlargetile.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoft3dviewer_1.1702.21039.0_x64__8wekyb3d8bbwe\assets\images\tiles\storelogo.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\s_rename_18.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\editpdf\js\nls\zh-tw\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\js\nls\sl-si\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\uss-search\js\selector.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_neutral_split.scale-100_8wekyb3d8bbwe\appxsignature.p7x svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\6365_36x36x32.png svchost.exe File opened for modification C:\program files\windowspowershell\modules\pester\3.4.0\functions\mock.ps1 svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer-select\js\nls\fr-fr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\task-handler\js\nls\da-dk\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\com.jrockit.mc.feature.rcp.ja_5.5.0.165303\feature.xml svchost.exe File created C:\program files\videolan\vlc\locale\is\lc_messages\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\tournament\strikebackground.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\js\nls\sk-sk\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\awards\pyramid\golden_pharaoh_.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.wallet_1.0.16328.0_x64__8wekyb3d8bbwe\images\walletsquare150x150logo.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\contrast-white\musicstorelogo.scale-100_contrast-white.png svchost.exe File opened for modification C:\program files\windowspowershell\modules\pester\3.4.0\examples\calculator\add-numbers.tests.ps1 svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoft3dviewer_1.1702.21039.0_x64__8wekyb3d8bbwe\beihai_common_diagnostics.winmd svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer-select\js\nls\ko-kr\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\fileextension.targetsize-40.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\s_selectlist_checkmark_18.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\back-arrow-focus.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\send-for-sign\js\nls\uk-ua\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.skypeapp_11.8.204.0_neutral_split.scale-125_kzf8qxf38zg5c\skypeapp\assets\skypetile.scale-125_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\gf_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\assets\sounds\new_shutter.wav svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer\js\nls\en-il\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\common files\adobe\reader\dc\linguistics\providers\plugins2\adobehunspellplugin\dummy.aff svchost.exe File created C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\traffichub\contrast-white\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\contrast-white\applist.targetsize-60_altform-unplated_contrast-white.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\app-center\js\nls\pt-br\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\createpdfupsell-app\js\nls\hu-hu\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\windowspowershell\modules\pester\3.4.0\functions\assertions\match.tests.ps1 svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\workflow\density_selected_hollow.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\application.manifest svchost.exe File opened for modification C:\program files\windowsapps\microsoft.wallet_1.0.16328.0_x64__8wekyb3d8bbwe\images\walletsquare44x44logo.targetsize-24_altform-unplated.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\acrocef\natives_blob.bin svchost.exe File opened for modification C:\program files\java\jre1.8.0_66\lib\deploy\messages_zh_tw.properties svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\timermedtile.contrast-black_scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\ob-preview\js\nls\en-ae\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\ext\locale\updater_ja.jar svchost.exe File created C:\program files\windowsapps\microsoft.storepurchaseapp_1.0.454.0_neutral_~_8wekyb3d8bbwe\appxmetadata\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\plug_ins\sendmail.api svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\add-account\images\themes\dark\illustrations.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\digsig\images\themes\dark\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\car\ltr\widetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsstore_11701.1001.87.0_neutral_split.scale-125_8wekyb3d8bbwe\appxmanifest.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\office\clone.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_x64__8wekyb3d8bbwe\microsoft.apps.messaging.base.winmd svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\animations\onenotefre_saveautomatically_ltr_tablet.mp4 svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxa-advanced-dark.scale-300.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\home\rtl\widetile.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer\js\nls\de-de\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\ob-preview\js\nls\fi-fi\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\appxmanifest.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_x64__8wekyb3d8bbwe\assets\toast.dualsim1.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-black\storeapplist.targetsize-48.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.xboxapp_25.25.13009.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\gamesxboxhubmedtile.scale-125_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.zunemusic_10.16112.11621.0_neutral_resources.scale-200_8wekyb3d8bbwe\assets\iheart-radio.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxa-googlecloudcache-light.scale-180.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-white\mapslargetile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\home\contrast-black\medtile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\appxblockmap.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\alarmsapplist.contrast-white_targetsize-48.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\assets\gamesxboxhubapplist.targetsize-32_altform-unplated.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\download_on_the_app_store_badge_fi_135x40.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\unified-share\js\nls\en-il\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\org-openide-explorer.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\beach\beach_1c.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\western\western_background.jpg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\app\dev\nls\eu-es\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\xboxapp.ui\resources\images\home-placeholder.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\back-arrow-hover.svg svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\ob-preview\js\nls\tr-tr\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\videolan\vlc\locale\mai\lc_messages\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\images\stickers\thumbnails\sticker_icon_mousenose.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\6416_20x20x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\genericmailmediumtile.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\s_ellipses.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\combinepdf\js\nls\pt-br\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\contrast-white\splashscreen.scale-100_contrast-white.png svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\hwrcommonlm.dat svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\winxptsframe.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\catalog\shape_tetrahedron.3mf svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenotenotebookwidetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\contrast-white\applist.targetsize-80_contrast-white.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-lib-uihandler_zh_cn.jar svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\apptiles\contrast-white\mapssplashscreen.scale-125.png svchost.exe File created C:\program files\common files\system\ole db\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\icons\icon_settings.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftstickynotes_1.4.101.0_x64__8wekyb3d8bbwe\appxblockmap.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxaccountssplashlogo.scale-140.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\sendforcomments.svg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\mu_60x42.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\spectrum_spinner.svg svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\app\dev\nls\hu-hu\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-recent-files\js\nls\uk-ua\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sign-services-auth\js\nls\fi-fi\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\assets\skypemedtile.scale-200_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\7989_40x40x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxa-generic-dark.scale-150.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-recent-files\js\nls\en-il\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sign-services-auth\js\nls\ca-es\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\windowspowershell\modules\pester\3.4.0\examples\validator\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windows media player\media renderer\avtransport.xml svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\place\ltr\contrast-black\largetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\gameplayassets\theme\theme_dailychallenge.respack svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenoteapplist.targetsize-40_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenotesectionwidetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\contrast-white\applist.targetsize-20_contrast-white.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\file_types\aic_file_icons_retina_thumb.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\japanese_over.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\core\dev\nls\nb-no\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\aicuc\js\nls\ja-jp\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.jetty.servlet_8.1.14.v20131031.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\io_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\kw_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxgameoverlay_1.15.2003.0_x64__8wekyb3d8bbwe\assets\gamesxboxhubwidetile.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\ob-preview\js\nls\ru-ru\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\images\themeless\appstore\download_on_the_app_store_badge_en_135x40.svg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\gameend\endgame_yellow_over.png svchost.exe File created C:\program files\windowsapps\deletedalluserpackages\microsoft.zunevideo_10.16112.11601.0_neutral_resources.scale-200_8wekyb3d8bbwe\assets\contrast-black\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\office\object.scale-100.png svchost.exe File created C:\program files\windowsapps\microsoft.microsoftstickynotes_1.4.101.0_x64__8wekyb3d8bbwe\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\images\stickers\thumbnails\sticker_icon_hedge.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\small\speechless.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\digsig\js\nls\uk-ua\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\animations\onenotefre_penclick_ltr_tablet.mp4 svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\fo_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxspeechtotextoverlay_1.14.2002.0_x64__8wekyb3d8bbwe\appxmetadata\codeintegrity.cat svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer\js\nls\pl-pl\ui-strings.js svchost.exe File created C:\program files\java\jdk1.8.0_66\include\win32\bridge\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jre1.8.0_66\welcome.html svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenotesectionmedtile.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\reviews\images\themes\dark\share_icons.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4_basestyle.css svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\awards\challenge\go_for_the_silver_unearned_small.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\ss_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\car\rtl\contrast-black\widetile.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\rtc.der svchost.exe File opened for modification C:\program files (x86)\windows media player\media renderer\dmr_120.jpg svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-openide-nodes_zh_cn.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\contrast-white\peopleapplist.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\photoslargetile.contrast-black_scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.dailychallenges\assets\popups\upsell\dont_ask_button.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenotepagewidetile.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxmailapplist.targetsize-64.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\meta-inf\eclipse_.sf svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\org-netbeans-swing-tabcontrol.jar svchost.exe File opened for modification C:\program files\java\jre1.8.0_66\lib\images\cursors\win32_movenodrop32x32.gif svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-black\weather_tilemediumsquare.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxcalendarlargetile.scale-125.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\s_filter-disabled_32.svg svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\js\nls\en-gb\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\reviews\js\nls\ca-es\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\images\themeless\appstore\download_on_the_app_store_badge_tr_135x40.svg svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\awards\pyramid\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\linkedinboxwidetile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxidentityprovider_2016.719.1035.0_neutral_~_8wekyb3d8bbwe\appxmetadata\appxbundlemanifest.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\contrast-black\applist.targetsize-24_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\scrubbing_icons.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.zunemusic_10.16112.11621.0_neutral_resources.scale-125_8wekyb3d8bbwe\assets\contrast-black\splashscreen.scale-125_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\exchangelargetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxcalendarsmalltile.scale-150.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\generic-rhp-app\js\plugins\rhp\generic-rhp-app-tool-view.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_x64__8wekyb3d8bbwe\assets\contrast-black\oneconnectapplist.targetsize-16.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\aicuc\js\plugins\selection-action-plugins\cpdf\selector.js svchost.exe File opened for modification C:\program files\windows media player\network sharing\mediareceiverregistrar.xml svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.zunemusic_10.16112.11621.0_neutral_resources.scale-200_8wekyb3d8bbwe\appxblockmap.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxa-googlecloudcache-dark.scale-240.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\assets\gamesxboxhubapplist.targetsize-72_contrast-white.png svchost.exe File opened for modification C:\program files\redogroup.pptx svchost.exe File created C:\program files\videolan\vlc\plugins\access\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\gameend\endgame_yellow_down.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\tracker\turnonnotificationinacrobat.gif svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\tournament\gamemodefreecell.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\apple-touch-icon-72x72-precomposed.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-sampler_ja.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_neutral_split.scale-150_8wekyb3d8bbwe\assets\starttile.dualsim1.sad.small.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\assets\photosapplist.targetsize-256_altform-fullcolor.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\69_20x20x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxmailbadge.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxgameoverlay_1.15.2003.0_neutral_split.scale-100_8wekyb3d8bbwe\resources.pri svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.update.configurator.nl_ja_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_x64__8wekyb3d8bbwe\assets\toast.dualsim2.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.dailychallenges\assets\popups\upsell\green_button.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxaccountslargetile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\linkedinboxwidetile.scale-400.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\activity-badge\js\nls\root\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\windowspowershell\modules\pester\3.4.0\snippets\shouldnotthrow.snippets.ps1xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\aquarium\aquarium_12d.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\linkedinboxwidetile.scale-100.png svchost.exe File opened for modification C:\program files\windowspowershell\modules\pester\3.4.0\functions\assertions\be.tests.ps1 svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\attribution\kweather.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\aquarium\mask\12s.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\autumn\autumn_11h.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\work\rtl\contrast-black\medtile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\workflow\icon_layout.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\createpdfupsell-app\js\nls\ru-ru\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sample-files\js\nls\uk-ua\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\large\dancing.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\work\ltr\contrast-white\medtile.scale-100.png svchost.exe File opened for modification C:\program files\windowspowershell\modules\pester\3.4.0\functions\in.tests.ps1 svchost.exe File opened for modification C:\program files\common files\system\ado\adovbs.inc svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.rcp_4.4.0.v20141007-2301\meta-inf\manifest.mf svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.touchpoint.natives.nl_zh_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\s_newfolder-default.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-files-select\js\plugin.js svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\car\ltr\contrast-white\largetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\ht_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxmailmediumtile.scale-400.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-files\js\nls\nb-no\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\search-summary\js\nls\zh-tw\ui-strings.js svchost.exe File created C:\program files\videolan\vlc\plugins\video_output\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_neutral_split.scale-150_8wekyb3d8bbwe\appxsignature.p7x svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenoteapplist.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\assets\windowsicons\windowscameraapplist.contrast-black_targetsize-80.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\speech\en-us\tokens_enus.xml svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\add-account-select\css\main.css svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer\images\themes\dark\virgo_mycomputer_folder_icon.svg svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.jface.text.nl_ja_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\home\rtl\contrast-white\smalltile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\resources\requiredprintcapabilities.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\me_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\_resources\3.rsrc svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\localized_images\fr-fr\appstore_icon.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\unified-share\js\plugin.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\ads_casualgames_728x90.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\nz_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\resources.pri svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\search-summary\js\nls\root\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weatherimages\210x173\75.jpg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\add-account\js\nls\hr-hr\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\home\js\nls\nl-nl\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\walk-through\images\info.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\jre\lib\tzmappings svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\stopwatchwidetile.contrast-black_scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\sharpdxengine\rendering\shaders\builtin\hlsl\sprite.fx svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenotesectiongroupwidetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\stopwatchwidetile.scale-200.png svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\voices\en-us\en-us_female_tts\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\app\dev\nls\hr-hr\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer\js\nls\it-it\ui-strings.js svchost.exe File opened for modification C:\program files\common files\microsoft shared\stationery\garden.htm svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\6536_48x48x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\exchangewidetile.scale-200.png svchost.exe File opened for modification C:\program files\videolan\vlc\lua\http\index.html svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\images\stickers\thumbnails\sticker_icon_right_angle_triangle.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\createpdfupsell-app\js\nls\en-ae\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\img\themes\dark\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\winxphandle.png svchost.exe File opened for modification C:\program files\videolan\vlc\locale\ca\lc_messages\vlc.mo svchost.exe File opened for modification C:\program files (x86)\windowspowershell\modules\pester\3.4.0\functions\coverage.ps1 svchost.exe File opened for modification C:\program files\7-zip\lang\he.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-white\mapssplashscreen.scale-200.png svchost.exe File created C:\program files (x86)\common files\system\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\google\chrome\application\81.0.4044.129\icudtl.dat svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-modules-masterfs_ja.jar svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\s_export_18.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\unified-share\js\nls\ro-ro\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\assets\windowsicons\windowscameraapplist.contrast-white_targetsize-60.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\createpdfupsell-app\js\nls\pt-br\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\work\ltr\contrast-white\widetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\ag_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\lumia.apptk.nativedirect3d.uap\native3d.texturerendererpixelshader.cso svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\calculatorsplashscreen.contrast-white_scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.zunemusic_10.16112.11621.0_neutral_resources.scale-200_8wekyb3d8bbwe\assets\contrast-black\logo.scale-200_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\peoplewidetile.scale-125.png svchost.exe File created C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\assets\idpvalueassets\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\workflow\density_selected_hard.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\icons\support.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\pw_60x42.png svchost.exe File created C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\lumia.viewerplugin\compositesurface\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\editpdf\images\themes\dark\example_icons2x.png svchost.exe File opened for modification C:\program files (x86)\google\chrome\application\81.0.4044.129\locales\ru.pak svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\contrast-black\apppackageapplist.targetsize-80_altform-unplated_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxcalendarbadge.scale-400.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\s_removeme-default_18.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\digsig\js\plugin.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoft3dviewer_1.1702.21039.0_neutral_~_8wekyb3d8bbwe\appxmetadata\appxbundlemanifest.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_x64__8wekyb3d8bbwe\assets\peoplesmalltile.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\combinepdf\css\main.css svchost.exe File created C:\program files\common files\microsoft shared\ink\fsdefinitions\osknav\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\small\tongueout.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\desktop.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenotesectionwidetile.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\unified-share\css\main.css svchost.exe File created C:\program files (x86)\common files\microsoft shared\msinfo\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.common_5.5.0.165303.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.awards\assets\awards_years_base.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\images\themeless\playstore\de_get.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\images\themes\dark\logo_retina.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\5671_20x20x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxspeechtotextoverlay_1.14.2002.0_x64__8wekyb3d8bbwe\microsoft.system.package.metadata\s-1-5-21-1231583446-2617009595-2137880041-1000-mergedresources-0.pri svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\acrocef\cef.pak svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\ccloud_retina.png svchost.exe File opened for modification C:\program files\videolan\vlc\locale\mai\lc_messages\vlc.mo svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\outlookmaillargetile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\voicerecordermedtile.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\images\themeless\appstore\download_on_the_app_store_badge_sv_135x40.svg svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-threaddump.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_neutral_~_8wekyb3d8bbwe\appxblockmap.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\buttons\deal\new-deal-up.mobile.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\models\de-de.phonenumber.model svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\js\nls\sk-sk\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\mozilla maintenance service\logs\maintenanceservice-install.log svchost.exe File opened for modification C:\program files\7-zip\lang\si.txt svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\en-us\tabtip.exe.mui svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\embossbitmaps\donut.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\appxmanifest.xml svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.starclub\assets\animation\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxspeechtotextoverlay_1.14.2002.0_neutral_~_8wekyb3d8bbwe\appxblockmap.xml svchost.exe File created C:\program files\windowspowershell\modules\pester\3.4.0\functions\assertions\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\db\bin\sysinfo.bat svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\com.jrockit.mc.rjmx.attributetransformation.exsd svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-selector-api_zh_cn.jar svchost.exe File created C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_x64__8wekyb3d8bbwe\appxmetadata\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenoteapplist.targetsize-60_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\worldclockmedtile.contrast-black_scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-black\mapsapplist.targetsize-40_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\collections\contrast-black\largetile.scale-125_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\assets\getstartedapplist.targetsize-40.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\beach\beach_10h.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\assets\apptiles\storeapplist.targetsize-60_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\applist.targetsize-32_altform-unplated.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\app-center\js\nls\uk-ua\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sign-services-auth\js\nls\es-es\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_x64__8wekyb3d8bbwe\assets\contrast-black\oneconnectapplist.targetsize-24.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\large\smoking.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\5313_20x20x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxmailapplist.targetsize-72.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\images\ratings\yelp4.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\img\sample-thumb.png svchost.exe File opened for modification C:\program files\videolan\vlc\locale\bs\lc_messages\vlc.mo svchost.exe File created C:\program files\videolan\vlc\locale\id\lc_messages\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.dailychallenges\assets\prizehistory\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxmaillargetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\assets\navigationicons\nav_icons_store.targetsize-48.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\apptiles\contrast-black\mapssmalltile.scale-125.png svchost.exe File created C:\program files\windowsapps\deletedalluserpackages\microsoft.zunevideo_10.16112.11601.0_neutral_resources.scale-125_8wekyb3d8bbwe\assets\contrast-black\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_x64__8wekyb3d8bbwe\assets\badgelogo2.targetsize-24.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\home\js\nls\ja-jp\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_neutral_split.scale-150_8wekyb3d8bbwe\assets\starttile.dualsim2.smile.small.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenotenotebookmedtile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenotesectiongroupmedtile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\car\rtl\widetile.scale-200.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\js\nls\pl-pl\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.news\assets\news_icon-over.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\plug_ins\pi_brokers\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-recent-files\js\nls\sv-se\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\videolan\vlc\locale\nl\lc_messages\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\jumbo\mask\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxa-generic-light.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxmailapplist.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\assets\gamesxboxhubapplist.targetsize-80_altform-unplated_contrast-white.png svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\gameplayassets\theme\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\classic\classic_13c.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\outlookmailwidetile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\resources.pri svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\pdf-ownership-no-text_2x.gif svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\card_shadow.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_2017.222.1920.0_neutral_~_8wekyb3d8bbwe\appxmetadata\appxbundlemanifest.xml svchost.exe File created C:\program files\windows defender\offline\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\genericmailbadge.scale-200.png svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\car\rtl\contrast-white\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\xboxnano.winmd svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\ob-preview\js\nls\fr-fr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\reviews\js\nls\ja-jp\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-openide-compat.xml svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\s_download_audit_report_18.svg svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\add-account\js\nls\fi-fi\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\download_on_the_app_store_badge_de_135x40.svg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\surfaceprofiles\paper_hotpress300lb_512x512_nm.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\images\ratings\yelp5.scale-200.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.mbeanbrowser_5.5.0.165303.jar svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\preface.htm svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\com.jrockit.mc.rjmx.syntheticnotification.exsd svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\contrast-black\apppackagelargetile.scale-100_contrast-black.png svchost.exe File created C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_x64__8wekyb3d8bbwe\assets\sounds\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\internet explorer\en-us\iexplore.exe.mui svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\place\medtile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.xboxapp_25.25.13009.0_neutral_split.scale-200_8wekyb3d8bbwe\assets\gamesxboxhubsplashscreen.scale-200_contrast-high.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\contrast-black\apppackageapplist.scale-100_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxa-exchange.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\linkedinboxlargetile.scale-200.png svchost.exe File opened for modification C:\program files (x86)\google\chrome\application\81.0.4044.129\chrome.dll.sig svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.transport.ecf_1.1.0.v20140408-1354.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\home\ltr\contrast-white\medtile.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\s_share_18.svg svchost.exe File opened for modification C:\program files\7-zip\lang\bn.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxa-generic-dark.scale-250.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\s_sortedby_up_18.svg svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\fsdefinitions\main\zh-phonetic.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.net.native.runtime.1.3_1.3.23901.0_x64__8wekyb3d8bbwe\appxmetadata\codeintegrity.cat svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-black\mapsapplist.targetsize-36.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxa-advanced-dark.scale-300.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer-select\js\nls\sl-si\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\search-summary\js\nls\ar-ae\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\car\rtl\contrast-white\largetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\awards\challenge\go-for_the_gold_.png svchost.exe File created C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\assets\images\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\kh_16x11.png svchost.exe File created C:\program files\windowsapps\microsoft.wallet_1.0.16328.0_x64__8wekyb3d8bbwe\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\assets\photosapplist.targetsize-16_altform-unplated_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\assets\insiderhubapplist.targetsize-40_altform-unplated_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\work\ltr\largetile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-black\mapsapplist.targetsize-80_altform-unplated.png svchost.exe File created C:\program files (x86)\common files\microsoft shared\vsta\appinfodocument\microsoft.visualstudio.tools.office.appinfodocument\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.zunemusic_10.16112.11621.0_neutral_resources.scale-200_8wekyb3d8bbwe\assets\splashscreen.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\livetiles\microsoftsolitairelargetile.scale-200.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxidentityprovider_11.19.19003.0_x64__8wekyb3d8bbwe\xboxidp.tasks.winmd svchost.exe File created C:\program files\common files\microsoft shared\vc\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.news\assets\news_button_over.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\voicerecorderapplist.targetsize-80_altform-unplated.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\ob-preview\images\themeless\scan_poster.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\6924_48x48x32.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\app-center\js\plugin.js svchost.exe File created C:\program files (x86)\windows multimedia platform\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\videolan\vlc\lua\http\css\ui-lightness\images\ui-bg_glass_100_f6f6f6_1x400.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowssoundrecorder_10.1702.301.0_neutral_split.scale-125_8wekyb3d8bbwe\appxmanifest.xml svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.xboxapp_25.25.13009.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\gamesxboxhubsmalltile.scale-125_contrast-high.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-white\weather_badgelogo.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenotepagemedtile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\dismiss.scale-80.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\apptiles\mapsapplist.targetsize-32_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\6365_48x48x32.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\win-scrollbar\arrow-up.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer\images\virgo_mycomputer_folder_icon.svg svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsfeedbackhub_1.1612.10312.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\insiderhubsmalltile.scale-125_contrast-black.png svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\place\rtl\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\_resources\16.rsrc svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\plug_ins\storageconnectors.api svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\files\dev\nls\nb-no\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\sharpdxengine\rendering\shaders\builtin\bin\sprite_vs.fxo svchost.exe File created C:\program files\windowspowershell\modules\powershellget\1.0.0.1\en-us\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\_resources\0.rsrc svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_neutral_split.scale-100_8wekyb3d8bbwe\resources.pri svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contactphoto.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\6449_40x40x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\outlookmailsmalltile.scale-125.png svchost.exe File opened for modification C:\program files\windowspowershell\modules\microsoft.powershell.operation.validation\1.0.1\operationvalidationresources.psd1 svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer-select\js\nls\zh-cn\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\google\chrome\application\81.0.4044.129\locales\th.pak svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\aquarium\aquarium_12h.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\dz_60x42.png svchost.exe File created C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_neutral_resources.scale-150_8wekyb3d8bbwe\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\back-arrow-down.svg svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\core\dev\nls\da-dk\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\ob-preview\images\themeless\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\signatures\images\dd_arrow_small2x.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.frameworkadmin.nl_ja_4.4.0.v20140623020002.jar svchost.exe File created C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_neutral_split.scale-180_8wekyb3d8bbwe\assets\office\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\applist.targetsize-80_altform-unplated.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\unified-share\images\s_radio_selected_18.svg svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\fsdefinitions\keypad\ea.xml svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\ipstr.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\assets\photosapplist.targetsize-32_altform-unplated_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxcalendarlargetile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\fileextension.targetsize-16.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\buttons\fullscreen\windowed-up.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_neutral_split.scale-125_8wekyb3d8bbwe\resources.pri svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\applist.targetsize-36.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\desktop-connector-files\js\plugin.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\home\rtl\widetile.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\plug_ins\checkers.api svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\js\nls\tr-tr\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.emf.common_2.10.1.v20140901-1043\meta-inf\eclipse.inf svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxcalendarapplist.targetsize-36.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\send-for-sign\js\nls\ui-strings.js svchost.exe File created C:\program files\common files\microsoft shared\ink\el-gr\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\videolan\vlc\lua\http\css\ui-lightness\images\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\attachmentplaceholder.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-core-execution_zh_cn.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\contrast-black\apppackageapplist.targetsize-72_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorapplist.contrast-white_targetsize-40.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-files\js\nls\fr-fr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\common files\system\msadc\adcjavas.inc svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\exchangemediumtile.scale-400.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sample-files\js\nls\uk-ua\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\logo_retina.png svchost.exe File opened for modification C:\program files (x86)\windowspowershell\modules\pester\3.4.0\functions\assertions\belikeexactly.ps1 svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.greychart.ui.ja_5.5.0.165303.jar svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.sat4j.core_2.3.5.v201308161310.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\howtoplay\pyramid\control_1.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\icons\tripeaks_icon.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\assets\photosapplist.contrast-black_targetsize-256.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.w3c.css.sac_1.3.1.v200903091627.jar svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\images\ratings\yelplogo.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoft3dviewer_1.1702.21039.0_neutral_~_8wekyb3d8bbwe\appxsignature.p7x svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\microsoft.system.package.metadata\resources.387e40a3.pri svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxgameoverlay_1.15.2003.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\gamesxboxhubmedtile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\spotlightmailhxs_2016-09.png svchost.exe File created C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\models\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\exportpdfupsell-app\js\nls\zh-cn\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer\js\nls\sv-se\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\he-il\tipresx.dll.mui svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxa-yahoo-light.scale-250.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\outlookmailwidetile.scale-400.png svchost.exe File created C:\program files\videolan\vlc\lua\http\dialogs\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\images\stickers\thumbnails\sticker_icon_5_point_star.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.emf.ecore_2.10.1.v20140901-1043\epl-v10.html svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\home\rtl\contrast-black\medtile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\assets\insiderhubapplist.targetsize-20_contrast-white.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\app-center\css\main-selector.css svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\send-for-sign\js\nls\da-dk\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\plug_ins\annotations\stamps\enu\signhere.pdf svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenotesectionwidetile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_neutral_split.scale-100_kzf8qxf38zg5c\skypeapp\assets\friends.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.storepurchaseapp_1.0.45.0_x64__8wekyb3d8bbwe\assets\square44x44logo.targetsize-24_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorapplist.targetsize-72_altform-unplated_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\work\medtile.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\s_sortedby_up_hover_18.svg svchost.exe File created C:\program files\common files\microsoft shared\ink\it-it\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-black\storeapplist.targetsize-256.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\plug_ins\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\activity-badge\js\nls\ar-ae\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\images\email\themes\dark\adc_logo.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\reviews\images\share_icons.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\jumbo\jumbo_1d.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\lumia.videotk\convertps_bgratouv.cso svchost.exe File opened for modification C:\program files (x86)\windowspowershell\modules\microsoft.powershell.operation.validation\1.0.1\test\modules\example3.diagnostics\2.0.1\diagnostics\simple\example3b.diagnostics.tests.ps1 svchost.exe File created C:\program files\java\jre1.8.0_66\lib\ext\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\mf_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\content\nexus.json svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer-select\js\nls\en-ae\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\send-for-sign\js\nls\ru-ru\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\js\nls\es-es\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_ja_4.4.0.v20140623020002\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\videolan\vlc\locale\es\lc_messages\vlc.mo svchost.exe File created C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_neutral_split.scale-100_8wekyb3d8bbwe\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\mr_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\assets\insiderhubapplist.targetsize-96_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\exchangelargetile.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\traffichub\medtile.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\search-summary\js\nls\de-de\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\walk-through\images\help.svg svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\lib\locale\boot_ja.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\6918_20x20x32.png svchost.exe File created C:\program files (x86)\common files\microsoft shared\vgx\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.swt.win32.win32.x86_64.nl_ja_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxmailapplist.targetsize-16.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxcalendarbadge.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\work\largetile.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\js\nls\ro-ro\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.core.databinding.observable.nl_zh_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_neutral_split.scale-150_8wekyb3d8bbwe\resources.pri svchost.exe File created C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\assets\livetiles\avatar310x150.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-files\js\nls\zh-cn\ui-strings.js svchost.exe File opened for modification C:\program files\windowspowershell\modules\microsoft.powershell.operation.validation\1.0.1\test\modules\example2.diagnostics\1.0.1\diagnostics\simple\example2.diagnostics.tests.ps1 svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.e4.ui.css.swt.nl_ja_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\java\jre1.8.0_66\lib\fonts\lucidatypewriterbold.ttf svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\signatures\js\nls\fr-ma\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\7-zip\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\jre\lib\fontconfig.bfc svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\oneconnectwidetile.scale-125.png svchost.exe File opened for modification C:\program files (x86)\google\chrome\application\81.0.4044.129\visualelements\smalllogocanary.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowscalculator_10.1702.312.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\calculatormedtile.contrast-white_scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.dailychallenges\assets\prizehistory\awards_badge_base.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\jumbo\jumbo_background.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\5313_20x20x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\5511_32x32x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\voices\en-in\en-in_female_tts\common.lua svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\uk-ua\tipresx.dll.mui svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ui.sdk.scheduler_1.2.0.v20140422-1847.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_neutral_split.scale-140_8wekyb3d8bbwe\assets\office\print.scale-140.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\awards\challenge\came_to_win_.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorwidetile.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\ob-preview\images\themeless\print_poster.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\copyright svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsfeedbackhub_1.1612.10312.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\insiderhubapplist.scale-125_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_neutral_split.scale-100_8wekyb3d8bbwe\appxblockmap.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftofficehub_17.8010.5926.0_x64__8wekyb3d8bbwe\officehub_base_priconfig.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenotesectionwidetile.scale-400.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\app\dev\nls\pt-br\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\pages-app\js\plugins\rhp\pages-app-selector.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\js\nls\fr-ma\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\common files\system\msadc\en-us\msdaremr.dll.mui svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\place\rtl\medtile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\genericmailmediumtile.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\7260_48x48x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenotesectionsmalltile.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_neutral_split.scale-100_kzf8qxf38zg5c\appxmanifest.xml svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\s_folder-focus_32.svg svchost.exe File opened for modification C:\program files (x86)\common files\adobe\reader\dc\linguistics\providers\plugins2\adobehunspellplugin\abbreviations\en_ca\list.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weather_logosmall.targetsize-48_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\photosmedtile.contrast-white_scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\exchangesmalltile.scale-400.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\js\nls\da-dk\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\alarmsapplist.contrast-black_targetsize-64.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\2818_24x24x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\assets\insiderhubsplashsquaretile.scale-200_contrast-black.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\images\themeless\playstore\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\windowspowershell\modules\microsoft.powershell.operation.validation\1.0.1\test\modules\example2.diagnostics\1.0.1\example2.diagnostics.psd1 svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.core.databinding.beans_1.2.200.v20140214-0004.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\9434_40x40x32.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\app-center\images\themeless\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\livetiles\microsoftsolitairelargetile.scale-125.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\large\bartlett.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\assets\photoslogoextensions.targetsize-48.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_2017.203.236.0_neutral_~_8wekyb3d8bbwe\appxblockmap.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorapplist.targetsize-64_altform-fullcolor.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\genericmailwidetile.scale-150.png svchost.exe File opened for modification C:\program files\common files\microsoft shared\clicktorun\subsystemcontroller.man svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themepreview\effects\bubble.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\images\stickers\thumbnails\sticker_icon_eyelasheye.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.e4.core.commands.nl_ja_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\background_gradient.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\alarmsbadge.contrast-white_scale-100.png svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\images\layerscontrol\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowspowershell\modules\pester\3.4.0\functions\coverage.ps1 svchost.exe File opened for modification C:\program files (x86)\windows photo viewer\en-us\photoacq.dll.mui svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_neutral_split.scale-140_8wekyb3d8bbwe\assets\office\ungroup.scale-140.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.net.native.framework.1.3_1.3.24201.0_x64__8wekyb3d8bbwe\appxmanifest.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\assets\delete_12x12.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\models\en-gb.mail.config svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-openide-text_zh_cn.jar svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\place\widetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\6486_48x48x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\collections\contrast-white\largetile.scale-200_contrast-white.png svchost.exe File created C:\program files\mozilla firefox\fonts\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\videolan\vlc\locale\ga\lc_messages\vlc.mo svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.zunevideo_10.16112.11601.0_neutral_resources.scale-125_8wekyb3d8bbwe\assets\contrast-black\movie-tvstorelogo.scale-125_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\voicerecorderapplist.contrast-white_targetsize-40.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\createpdfupsell-app\js\nls\ca-es\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\windowspowershell\modules\pester\3.4.0\functions\inmodulescope.ps1 svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\fileicons\filelogoextensions.targetsize-48.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.wallet_1.0.16328.0_x64__8wekyb3d8bbwe\resources.pri svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\1851_24x24x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\insiderhubsplashwidetile.scale-100_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\home\ltr\contrast-white\smalltile.scale-100.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\app\dev\nls\ro-ro\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\java\jdk1.8.0_66\jre\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\videolan\vlc\locale\be\lc_messages\vlc.mo svchost.exe File created C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\manifestassets\contrast-white\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weathericons\30x30\185.png svchost.exe File opened for modification C:\program files (x86)\msbuild\microsoft\windows workflow foundation\v3.0\workflow.visualbasic.targets svchost.exe File opened for modification C:\program files\splitgrant.nfo svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.zunevideo_10.16112.11601.0_neutral_resources.scale-200_8wekyb3d8bbwe\assets\movie-tvstorelogo.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-black\weather_tilewide.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\5311_32x32x32.png svchost.exe File created C:\program files\windowsapps\microsoft.windowsalarms_2017.203.236.0_neutral_~_8wekyb3d8bbwe\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorapplist.contrast-white_targetsize-60.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\voicerecorderapplist.targetsize-24.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\signatures\images\cstm_brand_preview2x.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_neutral_~_8wekyb3d8bbwe\appxblockmap.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\peopleappstorelogo.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\remove.svg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\workflow\density_selected_solid.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxmailwidetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxmailbadge.scale-400.png svchost.exe File created C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\com.jrockit.mc.feature.rcp.ja_5.5.0.165303\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_neutral_split.scale-140_8wekyb3d8bbwe\assets\office\planecutkeepboth.scale-140.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_x64__8wekyb3d8bbwe\assets\contrast-white\oneconnectapplist.targetsize-64.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_neutral_split.scale-100_kzf8qxf38zg5c\skypeapp\assets\skypeapplist.scale-100.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\signatures\js\nls\cs-cz\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\lv-lv\tipresx.dll.mui svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\dailychallenges\popup\completedallchallenges_2.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenoteapplist.targetsize-36_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\6365_24x24x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxa-google.scale-200.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\files\dev\nls\eu-es\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\app-center\js\nls\nl-nl\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\walk-through\js\nls\es-es\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenotesplashlogo.scale-400.png svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\collections\contrast-white\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\splashscreen.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\upsellcontentdialogheader.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\8268_20x20x32.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\pdf-ownership-no-text.gif svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\js\nls\zh-tw\ui-strings.js svchost.exe File created C:\program files\windows defender advanced threat protection\en-us\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\place\contrast-black\smalltile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\awards\common\board_yet_.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\resources\retaildemo\data\en-us\2.jpg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\aicuc\images\rhp_world_icon.png svchost.exe File opened for modification C:\program files\7-zip\lang\az.txt svchost.exe File created C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\ext\locale\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\videolan\vlc\lua\playlist\anevia_streams.luac svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxa-advanced-light.scale-150.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\signatures\js\nls\en-ae\ui-strings.js svchost.exe File created C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\_resources\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\digsig\js\nls\it-it\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\org-netbeans-modules-templates.jar svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\exportpdfupsell-app\js\nls\en-il\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\common files\adobe\reader\dc\linguistics\providers\plugins2\adobehunspellplugin\supplementaldictionaries\en_ca\added.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\org-netbeans-modules-editor-mimelookup.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\livetiles\microsoftsolitaireapplist.targetsize-48_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.net.native.runtime.1.3_1.3.23901.0_x64__8wekyb3d8bbwe\appxsignature.p7x svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\fues\popup_shadow_2_2bp.png svchost.exe File created C:\program files\windowsapps\microsoft.xboxidentityprovider_2016.719.1035.0_neutral_~_8wekyb3d8bbwe\appxmetadata\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jre1.8.0_66\lib\cmm\ciexyz.pf svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_x64__8wekyb3d8bbwe\tee\en-gb.phonenumber.sms.ot svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\linkedinboxsmalltile.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\voices\beeps\beeps\beep svchost.exe File created C:\program files (x86)\windowspowershell\modules\pester\3.4.0\examples\calculator\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\db\lib\derbylocale_pl.jar svchost.exe File created C:\program files\common files\microsoft shared\ink\fsdefinitions\oskpred\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\texturebitmaps\papyrus.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\5478_40x40x32.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-modules-autoupdate-ui_zh_cn.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\sampleheader\avatar.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\1251_72x72x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxcalendarwidetile.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxa-exchange.scale-200.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.help.base_4.0.200.v20141007-2301.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_x64__8wekyb3d8bbwe\assets\send.white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\assets\getstartedapplist.targetsize-40_altform-unplated_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowssoundrecorder_10.1702.301.0_neutral_split.scale-125_8wekyb3d8bbwe\appxblockmap.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\peopleappstorelogo.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\dismiss.scale-64.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\s_folder-down_32.svg svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\images\ratings\yelp5.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\small\lalala.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\7205_20x20x32.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\createpdfupsell-app\js\nls\ko-kr\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\jre\lib\currency.data svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\va_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\assets\gamesxboxhubapplist.targetsize-20_altform-unplated.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\adobe_spinner_mini.gif svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\core\dev\nls\ja-jp\ui-strings.js svchost.exe File created C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\meta-inf\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\home\ltr\contrast-white\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\alarmsapplist.contrast-white_targetsize-40.png svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\gameplayassets\klondike\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxa-exchange.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\microsoft.people.controls.winmd svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\contrast-white\applist.scale-100_contrast-white.png svchost.exe File created C:\program files\videolan\vlc\locale\my\lc_messages\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.advertising.xaml_10.0.1605.0_x64__8wekyb3d8bbwe\resources.pri svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\en-us\jscripts\wefgallery_strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\voicerecordersmalltile.contrast-white_scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\exportpdfupsell-app\images\themes\dark\rhp_world_icon_hover_2x.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\gameplayassets\theme\theme_mobile.respack svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\core\dev\nls\en-ae\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\fullscreen-exit-press.svg svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.e4.ui.css.core.nl_zh_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.wallet_1.0.16328.0_x64__8wekyb3d8bbwe\appxmanifest.xml svchost.exe File opened for modification C:\program files (x86)\windowspowershell\modules\pester\3.4.0\functions\pesterstate.ps1 svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_neutral_split.scale-100_8wekyb3d8bbwe\lumia.viewerplugin\assets\iconeditrichcapture.contrast-white_scale-100.png svchost.exe File created C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\assets\icons\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\editpdf\js\nls\fi-fi\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\aquarium\aquarium_10h.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\5941_40x40x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\326_36x36x32.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\dc-annotations\js\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\google\chrome\application\81.0.4044.129\visualelements\logobeta.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windows.photos_16.511.8780.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\photossmalltile.contrast-white_scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\embossbitmaps\shapes_icon.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\surfaceprofiles\paper_indiarough_512x512.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\js\nls\en-gb\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\videolan\vlc\locale\lt\lc_messages\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\7739_36x36x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_neutral_split.scale-100_8wekyb3d8bbwe\appxsignature.p7x svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-openide-loaders_ja.jar svchost.exe File opened for modification C:\program files\videolan\vlc\locale\zu\lc_messages\vlc.mo svchost.exe File created C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\work\rtl\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\font\camerasymbols.ttf svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\add-account\js\nls\sk-sk\ui-strings.js svchost.exe File opened for modification C:\program files\java\jre1.8.0_66\lib\ext\localedata.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\gameplayassets\localization\localized_da-dk.respack svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxmailapplist.targetsize-24.png svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\_resources\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\alarmssplashscreen.contrast-white_scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\models\de-de.phonenumber.ot svchost.exe File opened for modification C:\program files\videolan\vlc\lua\http\dialogs\mosaic_window.html svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\tw_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\assets\gamesxboxhubapplist.targetsize-36_altform-unplated.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\core\dev\nls\uk-ua\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.core.databinding.property_1.4.200.v20140214-0004.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\appxsignature.p7x svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\large\nod.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\kh_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\models\en-gb.calendar.model svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\signatures\js\nls\uk-ua\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\manifestassets\square44x44logo.targetsize-48_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\7316_40x40x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\assets\windowsicons\windowscameraapplist.contrast-black_targetsize-64.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\assets\gamesxboxhubsplashscreen.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\microsoft.system.package.metadata\s-1-5-21-1231583446-2617009595-2137880041-1000-mergedresources-0.pri svchost.exe File opened for modification C:\program files (x86)\google\chrome\application\dictionaries\en-us-9-0.bdic svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.greychartplugin_5.5.0.165303.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_x64__8wekyb3d8bbwe\assets\badgelogo.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenotepagewidetile.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\applist.targetsize-96_altform-unplated.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\desktop-connector-files\js\nls\sk-sk\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\uss-search\js\nls\sv-se\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\meta-inf\eclipse_.sf svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.e4.core.commands_0.10.2.v20140424-2344.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenotemediumtile.scale-125.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\reviews\images\themes\dark\sat_logo.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-netbeans-spi-quicksearch.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\assets\photosapplist.targetsize-48_altform-colorize.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\pdf-ownership-rdr-es_es.gif svchost.exe File opened for modification C:\program files\7-zip\lang\ar.txt svchost.exe File opened for modification C:\program files\java\jre1.8.0_66\lib\ext\meta-index svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\assets\audio\skype_call_answer.m4a svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\createpdfupsell-app\js\plugins\rhp\createpdfupsell-app-selector.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\audio\dcgoalfly_d.wav svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\6440_48x48x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\large\whew.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-white\storeapplist.targetsize-24.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\contrast-black\applist.targetsize-48_altform-unplated_contrast-black.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\digsig\js\nls\zh-cn\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\js\nls\sk-sk\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxa-google.scale-150.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-modules-sendopts_zh_cn.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\linkedinboxmediumtile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\assets\insiderhubapplist.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\contrast-black\applist.targetsize-30_contrast-black.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\s_filterselected-focus_32.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sign-services-auth\css\main.css svchost.exe File created C:\program files\java\jdk1.8.0_66\lib\visualvm\profiler\lib\locale\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowsapps\microsoft.microsoft3dviewer_1.1702.21039.0_x64__8wekyb3d8bbwe\assets\viewer\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.storepurchaseapp_1.0.45.0_x64__8wekyb3d8bbwe\assets\wide310x150logo.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\exchangemediumtile.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxa-advanced-dark.scale-200.png svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\fsdefinitions\osknav.xml svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4-dark.css svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\images\stickers\thumbnails\sticker_icon_6_point_star.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\assets\audio\incoming_voicemail.wav svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorapplist.targetsize-30.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\add-account\js\nls\ro-ro\ui-strings.js svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\fsdefinitions\symbols\ea-sym.xml svchost.exe File opened for modification C:\program files\java\jre1.8.0_66\lib\ext\sunmscapi.jar svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\traffichub\contrast-black\widetile.scale-125.png svchost.exe File created C:\program files\windowsapps\microsoft.microsoftofficehub_17.8010.5926.0_x64__8wekyb3d8bbwe\strings\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\walk-through\js\nls\nb-no\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\assets\images\image_placeholder.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\9434_32x32x32.png svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\place\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\s_rename_18.svg svchost.exe File opened for modification C:\program files\common files\system\ado\msado20.tlb svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.starclub\assets\star-rotating-57x54.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\assets\windowsicons\windowscameraapplist.contrast-black_targetsize-36.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-swing-plaf_zh_cn.jar svchost.exe File opened for modification C:\program files\windows media player\media renderer\renderingcontrol.xml svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\apptiles\contrast-white\mapslargetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\contrast-white\apppackageapplist.targetsize-64_altform-unplated_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\classic\mask\13h.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\contrast-black\oneconnectstorelogo.scale-125.png svchost.exe File created C:\program files\java\jre1.8.0_66\lib\security\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\assets\windowsicons\windowscameraapplist.contrast-white_targetsize-32.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\editpdf\js\nls\fr-fr\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\generic-rhp-app\images\rhp_world_icon.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\reviews\js\nls\zh-cn\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\resource\typesupport\unicode\mappings\win\cp1250.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\bn_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\models\en-gb.phonenumber.model svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\car\ltr\contrast-black\widetile.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\unified-share\images\themes\dark\s_checkbox_selected_18.svg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weathericons\30x30\154.png svchost.exe File opened for modification C:\program files (x86)\common files\microsoft shared\ink\en-us\tipres.dll.mui svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.starclub\assets\sounds\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\large\sadsmile.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\plug_ins3d\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-profiling_ja.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\fileicons\filelogoextensions.targetsize-20.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxa-yahoo-light.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\workflow\icon_materials.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\assets\photosapplist.targetsize-256.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxa-generic-light.scale-125.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\js\nls\ja-jp\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sign-services-auth\js\nls\fr-ma\ui-strings.js svchost.exe File created C:\program files\common files\microsoft shared\office16\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\org-openide-text.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\catalog\shape_sphere.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\buttons\fullscreen\windowed-over.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\microsoft.xaml.interactivity.winmd svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\css\main.css svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\desktop-connector-files\js\nls\nb-no\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\signatures\js\nls\pl-pl\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-host.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\voicerecorderapplist.contrast-white_targetsize-36.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\aicuc\js\nls\it-it\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\editpdf\js\nls\it-it\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\activity-badge\js\nls\sl-sl\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-files\js\nls\tr-tr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\common files\microsoft shared\stationery\bears.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\attribution\wdt.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\contrast-black\applist.targetsize-256_contrast-black.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sign-services-auth\js\nls\fr-ma\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\tournament\awards.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\exchangemediumtile.scale-400.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\js\nls\ro-ro\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\sharpdxengine\rendering\shaders\builtin\hlsl\constantsperobject.fx svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\genericmailmediumtile.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxa-google.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\assets\insiderhubapplist.targetsize-24_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\traffichub\contrast-black\medtile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\largelogo.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\tracker\br.gif svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\meta-inf\manifest.mf svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\fileattachmentplaceholder.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\embossbitmaps\8-point star.png svchost.exe File created C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\resources\topicpage\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\6918_32x32x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxa-generic-dark.scale-125.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\s_newfolder_18.svg svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\js\nls\sk-sk\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.components.ui.zh_cn_5.5.0.165303.jar svchost.exe File created C:\program files\windows defender\en-us\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\aicuc\js\plugins\rhp\convertpdf-rna-tool-view.js svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\car\ltr\contrast-black\widetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_x64__8wekyb3d8bbwe\assets\smalllogo.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\autumn\autumn_11d.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxmailapplist.targetsize-48.png svchost.exe File opened for modification C:\program files (x86)\windowspowershell\modules\pester\3.4.0\functions\assertions\benullorempty.tests.ps1 svchost.exe File created C:\program files\java\jdk1.8.0_66\jre\bin\plugin2\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\western\western_13c.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\large\toivo.png svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\work\contrast-black\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\s_illuccfilesempty_180x180.svg svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\icons\alert_obj.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weatherimages\423x173\12.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\apppackageapplist.targetsize-36_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\5630_32x32x32.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\exportpdfupsell-app\js\nls\root\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\place\contrast-white\smalltile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\apppackageapplist.targetsize-96_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\vu_16x11.png svchost.exe File opened for modification C:\program files (x86)\windowspowershell\modules\pester\3.4.0\functions\assertions\set-testinconclusive.ps1 svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.zunemusic_10.16112.11621.0_neutral_resources.scale-200_8wekyb3d8bbwe\assets\contrast-black\iheart-radio.scale-200_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.news\assets\news_button.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\awards\freecell\get_out_of_jail_free_.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\assets\windowsicons\windowscameraapplist.targetsize-16_altform-unplated_contrast-white.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\browser\wcchromeextn\manifest.json svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\tracker\main.css svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-files\js\nls\nb-no\ui-strings.js svchost.exe File created C:\program files\windowsapps\deletedalluserpackages\microsoft.windowscalculator_10.1702.312.0_neutral_split.scale-125_8wekyb3d8bbwe\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\alarmsapplist.targetsize-24.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\assets\hand.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\images\printandshare\glyph_0xe7d7.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\ob-preview\js\nls\fr-ma\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowsapps\microsoft.storepurchaseapp_1.0.454.0_neutral_~_8wekyb3d8bbwe\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\4774_40x40x32.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\exportpdfupsell-app\js\nls\pt-br\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\apptiles\contrast-black\weather_logosmall.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\assets\images\feedback_icon_smiley.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\localized_images\cs-cz\appstore_icon.svg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\small\muscle.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\tl_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_neutral_split.scale-125_8wekyb3d8bbwe\appxblockmap.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxcalendarsplashlogo.scale-100.png svchost.exe File opened for modification C:\program files\windowspowershell\modules\packagemanagement\1.0.0.1\packageproviderfunctions.psm1 svchost.exe File opened for modification C:\program files (x86)\windowspowershell\modules\pester\3.4.0\snippets\shouldthrow.snippets.ps1xml svchost.exe File created C:\program files\java\jdk1.8.0_66\lib\visualvm\visualvm\update_tracking\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\buttons\undo\undo-up.png svchost.exe File created C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\microsoft.system.package.metadata\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\jre\lib\management\snmp.acl.template svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.jarprocessor.nl_zh_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-netbeans-core.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_neutral_split.scale-150_8wekyb3d8bbwe\assets\starttile.dualsim1.wink.small.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_x64__8wekyb3d8bbwe\tee\fr-fr.messaging.config svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\western\mask\mask_corners_king.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\assets\insiderhubapplist.targetsize-64_altform-unplated_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorapplist.contrast-white_targetsize-96.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\sr-cyrl-cs\mso.acl svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\assets\insiderhubstorelogo.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\place\contrast-white\widetile.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer\images\icons_ie8.gif svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer\js\nls\en-gb\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\activity-badge\js\nls\ja-jp\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\contrast-white\apppackagebadgelogo.scale-100_contrast-white.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer-select\js\nls\root\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.jarprocessor.nl_ja_4.4.0.v20140623020002.jar svchost.exe File created C:\program files\videolan\vlc\locale\lg\lc_messages\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\solitaire25.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\calculatorsplashscreen.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxaccountssmalltile.scale-100.png svchost.exe File created C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\assets\fonts\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\add-account-select\js\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-white\weather_logosmall.targetsize-256.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\work\ltr\contrast-black\medtile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\apptiles\contrast-white\splashscreen.scale-100.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\app-center\js\nls\es-es\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\desktop-connector-files\js\nls\sl-si\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_neutral_split.scale-200_8wekyb3d8bbwe\resources.pri svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\assets\photosapplist.targetsize-64_altform-colorize.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\resources.pri svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\uss-search\js\nls\zh-cn\ui-strings.js svchost.exe File opened for modification C:\program files\mozilla firefox\platform.ini svchost.exe File opened for modification C:\program files\videolan\vlc\locale\ckb\lc_messages\vlc.mo svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\assets\getstartedapplist.targetsize-96_altform-unplated.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\unified-share\js\nls\fr-fr\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\readme.html svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weatherimages\423x173\30.jpg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer\js\nls\es-es\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\genericmailbadge.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.zunevideo_10.16112.11601.0_neutral_resources.scale-125_8wekyb3d8bbwe\assets\contrast-black\smalllogo.scale-125_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weatherimages\210x173\1.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\classic\classic_1d.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\digsig\js\nls\nl-nl\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\common files\microsoft shared\ink\ar-sa\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\dailychallenges\smallfreecelltile.jpg svchost.exe File created C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\lumia.viewerplugin\relivesurfaces\sequence\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\xboxapp.ui\resources\images\messagesxboxlogo.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\db\bin\startnetworkserver.bat svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-modules-masterfs-nio2_zh_cn.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-black\weather_logosmall.targetsize-32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-white\weather_logosmall.targetsize-48.png svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\sharpdxengine\rendering\shaders\builtin\bin\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\images\stickers\thumbnails\sticker_icon_circle.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\winstore\resources\assets\rt_icons_cert_42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\assets\navigationicons\nav_icons_connect.targetsize-48.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\combinepdf\images\rhp_world_icon.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\pages-app\js\nls\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\about.html svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-netbeans-core-startup.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\2875_20x20x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenotenavigationlogo.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\assets\skypeapplist.scale-200_contrast-white.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\app-center\js\nls\it-it\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\task-handler\js\plugin.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\js\nls\hu-hu\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoft3dviewer_1.1702.21039.0_x64__8wekyb3d8bbwe\assets\fonts\bhaimdl2.ttf svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\7205_48x48x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\apptiles\contrast-white\mapssmalltile.scale-100.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\add-account\js\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\send-for-sign\js\nls\sv-se\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\apptiles\contrast-black\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\common files\microsoft shared\ink\th-th\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\common files\system\ado\msadox28.tlb svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.xboxapp_25.25.13009.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\gamesxboxhubstorelogo.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\classic\classic_background_full.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\aq_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\car\rtl\contrast-white\largetile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\assets\gamesxboxhubbadgelogo.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\icons\spider_icon.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\acroapp\enu\cpdf_full.aapp svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\ar_get.svg svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-openide-options.xml svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-modules-appui.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_neutral_split.scale-100_kzf8qxf38zg5c\skypeapp\assets\skypelogo.scale-100.png svchost.exe File created C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\resources\fonts\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\contrast-white\movie-tvstorelogo.scale-100_contrast-white.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-modules-editor-mimelookup-impl_ja.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_2017.203.236.0_neutral_~_8wekyb3d8bbwe\appxmetadata\appxbundlemanifest.xml svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\org-netbeans-modules-keyring-impl.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\embossbitmaps\lightning bolt_icon.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\cf_16x11.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-files\images\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxmailwidetile.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxa-yahoo-light.scale-150.png svchost.exe File created C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\assets\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\videolan\vlc\thanks.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\livetile\w3.png svchost.exe File created C:\program files (x86)\windowspowershell\modules\packagemanagement\1.0.0.1\en\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_x64__8wekyb3d8bbwe\assets\contrast-black\oneconnectapplist.targetsize-256.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_x64__8wekyb3d8bbwe\assets\peopleapplist.targetsize-80.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\localized_images\de-de\appstore_icon.svg svchost.exe File opened for modification C:\program files\videolan\vlc\locale\az\lc_messages\vlc.mo svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themepreview\effects\dust.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\osf\agavedefaulticon96x96.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_x64__8wekyb3d8bbwe\assets\oneconnectmedtile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\apptiles\contrast-black\storesmalltile.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\images\themeless\playstore\fil_get.svg svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.engine.nl_zh_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\apptiles\contrast-white\weather_tilelargesquare.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_x64__8wekyb3d8bbwe\assets\contrast-black\oneconnectapplist.targetsize-64.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\voicerecorderapplist.contrast-black_targetsize-16_altform-unplated.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\combinepdf\images\themes\dark\rhp_world_icon_hover.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.renderers.swt_0.12.1.v20140903-1023.jar svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-jvm.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxa-advanced-light.scale-250.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\file_types\sendforcomments.svg svchost.exe File opened for modification C:\program files (x86)\windowspowershell\modules\pester\3.4.0\en-us\about_should.help.txt svchost.exe File created C:\program files\common files\microsoft shared\ink\sv-se\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.dailychallenges\assets\popups\upsell\background.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\logos\square44x44\paintapplist.targetsize-256_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenotesectionmedtile.scale-125.png svchost.exe File opened for modification C:\program files\windowspowershell\modules\pester\3.4.0\snippets\shouldnotbenullorempty.snippets.ps1xml svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\img\tools\themes\dark\check.cur svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\signatures\images\share_icons2x.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\walk-through\js\nls\sv-se\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\common files\system\ole db\en-us\msdaorar.dll.mui svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.skypeapp_11.8.204.0_neutral_split.scale-125_kzf8qxf38zg5c\skypeapp\assets\skypeapplist.scale-125_contrast-black.png svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themepreview\cardbacks\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxcalendarapplist.targetsize-96.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\contrast-black\smalllogo.scale-100_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weathericons\30x30\182.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\js\nls\en-ae\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\meta-inf\eclipse.inf svchost.exe File opened for modification C:\program files\windows media player\media renderer\dmr_120.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxgameoverlay_1.15.2003.0_neutral_split.scale-100_8wekyb3d8bbwe\appxsignature.p7x svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\send-for-sign\js\nls\eu-es\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-threaddump.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\alarmsapplist.contrast-white_targetsize-72.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\en-us\officons.ttf svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\activity-badge\js\nls\ro-ro\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\models\url.ot svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_neutral_split.scale-100_8wekyb3d8bbwe\appxsignature.p7x svchost.exe File opened for modification C:\program files\windowsapps\microsoft.wallet_1.0.16328.0_x64__8wekyb3d8bbwe\appxsignature.p7x svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxgameoverlay_1.15.2003.0_x64__8wekyb3d8bbwe\appxblockmap.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxgameoverlay_1.15.2003.0_x64__8wekyb3d8bbwe\appxsignature.p7x svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\javascripts\jsbytecodewin.bin svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\app-api\dev\app-api.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\resource\typesupport\unicode\mappings\adobe\zdingbat.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\cd_16x11.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sample-files\js\nls\es-es\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.skypeapp_11.8.204.0_neutral_split.scale-125_kzf8qxf38zg5c\skypeapp\assets\delete_12x12.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weatherimages\423x173\8.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themepreview\themes\jumbo.jpg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\s_opencarat_18.svg svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\js\nls\es-es\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\work\rtl\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-black\mapsapplist.targetsize-30.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\voicerecorderapplist.targetsize-48.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\js\nls\ru-ru\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-modules-spi-actions_zh_cn.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_x64__8wekyb3d8bbwe\assets\starttile.dualsim1.wink.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\xk_60x42.png svchost.exe File created C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\microsoft.system.package.metadata\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorapplist.targetsize-60_altform-unplated_contrast-black.png svchost.exe File opened for modification C:\program files (x86)\reference assemblies\microsoft\framework\v3.0\subsetlist\client.xml svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.renderers.swt.nl_ja_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\loadicon_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_neutral_split.scale-100_8wekyb3d8bbwe\resources.pri svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_neutral_split.scale-150_8wekyb3d8bbwe\assets\starttile.dualsim1.surprise.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxa-advanced-light.scale-100.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.emf.common_2.10.1.v20140901-1043\license.html svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\assets\windowsicons\windowscamerasmalltile.contrast-black_scale-100.png svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\home\ltr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\fonts\symbol.ttf svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_neutral_resources.scale-150_8wekyb3d8bbwe\assets\contrast-white\applist.scale-150_contrast-white.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\js\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\common files\microsoft shared\clicktorun\sharedperformance.man svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\indxicon.gif svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\appxblockmap.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\6536_20x20x32.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\desktop-connector-files\js\nls\fr-fr\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-recent-files\js\nls\sk-sk\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\img\tools\check_2x.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\reviews\js\nls\tr-tr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\signatures\images\themes\dark\share_icons2x.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\worldclockwidetile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\linkedinboxbadge.scale-400.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\add-account\js\nls\cs-cz\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer-select\js\nls\nb-no\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxa-yahoo-light.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\js\nls\ca-es\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\js\nls\en-gb\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\unified-share\js\nls\sl-si\ui-strings.js svchost.exe File opened for modification C:\program files\videolan\vlc\lua\sd\jamendo.luac svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_x64__8wekyb3d8bbwe\assets\oneconnectapplist.targetsize-16.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\place\contrast-black\largetile.scale-200.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\ob-preview\css\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\search-summary\js\nls\en-gb\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\unified-share\js\nls\da-dk\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\gameplayassets\localization\localized_es-es.respack svchost.exe File opened for modification C:\program files\windowspowershell\modules\pester\3.4.0\snippets\describe.snippets.ps1xml svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\s_filterselected-default_32.svg svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\topnav.gif svchost.exe File opened for modification C:\program files\videolan\vlc\skins\skin.dtd svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxcalendarapplist.targetsize-256.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\assets\gamesxboxhubwidetile.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\win8-scrollbar\themes\dark\arrow-up.gif svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.registry_3.5.400.v20140428-1507.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\4642_32x32x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\contrast-white\peoplesmalltile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorwidetile.contrast-white_scale-200.png svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\sounds\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.publisher.nl_ja_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\home\ltr\contrast-white\medtile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenotesectionwidetile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\large\crying.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\images\ratings\yelp9.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\unified-share\images\confirmation2x.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_x64__8wekyb3d8bbwe\appxmetadata\codeintegrity.cat svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\photoslargetile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxcalendarsplashlogo.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-white\mapsapplist.targetsize-72_altform-unplated_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxcalendarmediumtile.scale-150.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\s_filter-default_32.svg svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\core\dev\nls\nl-nl\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\ob-preview\images\themeless\accessibility_poster.jpg svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\license.html svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\images\stickers\sticker_pigear.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\profiler\modules\org-netbeans-lib-profiler-charts.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\catalog\shape_wedge.3mf svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.xaml.toolkit\assets\buttons\back\back.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\nf_16x11.png svchost.exe File created C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\assets\retail\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\assets\getstartedlargetile.scale-100_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenoteapplist.targetsize-256_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\assets\skypeapplist.targetsize-48_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxcalendarmediumtile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\premiumedition_popup2.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\na_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxa-exchange.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\large\music.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\progress_spinner_dark2x.gif svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\home\images\themes\dark\icons_retina.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\uss-search\js\nls\ca-es\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftstickynotes_1.4.101.0_neutral_split.scale-100_8wekyb3d8bbwe\appxsignature.p7x svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenotepagemedtile.scale-200.png svchost.exe File created C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\xaml\onenote\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowspowershell\modules\pester\3.4.0\functions\inmodulescope.ps1 svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\assets\photosapplist.targetsize-32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxcalendarapplist.targetsize-80_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\outlookmailmediumtile.scale-125.png svchost.exe File opened for modification C:\program files (x86)\common files\adobe\reader\dc\linguistics\providers\plugins2\adobehunspellplugin\dictionaries\en_us\hyph_en_us.dic svchost.exe File created C:\program files\mozilla firefox\defaults\pref\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\dailychallenges\smallpyramidtile.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\linkedinboxlargetile.scale-200.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\etc\visualvm.conf svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\8498_20x20x32.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-recent-files\js\nls\fr-fr\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\images\themeless\playstore\ms_get.svg svchost.exe File created C:\program files\7-zip\lang\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\voicerecorderapplist.contrast-white_targetsize-36_altform-unplated.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\aicuc\js\nls\sv-se\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\fues\popup_shadow_4.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\outlookaccount.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\ob-preview\images\themeless\protect_poster.jpg svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_ja_4.4.0.v20140623020002\about.html svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\sampleheader\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxa-yahoo-dark.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\outlookmailbadge.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\car\ltr\contrast-white\largetile.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\app-center\js\nls\en-il\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ui_2.3.0.v20140404-1657.jar svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowscalculator_10.1702.312.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\calculatorsplashscreen.contrast-white_scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\dailychallenges\popup\fue1_image_4.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\voices\en-gb\en-gb_female_tts\common.lua svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\profiler\modules\org-netbeans-lib-profiler-ui.jar svchost.exe File opened for modification C:\program files\videolan\vlc\lua\intf\dumpmeta.luac svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenotenotebooklargetile.scale-100.png svchost.exe File created C:\program files\videolan\vlc\locale\mk\lc_messages\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_neutral_split.scale-150_8wekyb3d8bbwe\appxblockmap.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\traffichub\contrast-white\medtile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\ad_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\runninglate.scale-80.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\work\widetile.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\acroapp\enu\optimizepdf_r_rhp.aapp svchost.exe File opened for modification C:\program files\7-zip\lang\is.txt svchost.exe File created C:\program files\java\jre1.8.0_66\lib\jfr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\604_24x24x32.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer\js\nls\nb-no\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\ob-preview\js\nls\en-ae\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\assets\getstartedapplist.targetsize-36.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\collections\contrast-black\medtile.scale-100_contrast-black.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-files\js\nls\hu-hu\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\ob-preview\js\nls\de-de\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\xaml\onenote\framelayout.xaml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\peoplesplashscreen.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\assets\apptiles\storeapplist.targetsize-30_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\assets\gamesxboxhubstorelogo.scale-100_contrast-high.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\reviews\js\nls\da-dk\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\worldclocksmalltile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\texturebitmaps\purmesh.jpg svchost.exe File created C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_neutral_split.scale-100_8wekyb3d8bbwe\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\assets\thankyou\genericenglish-3.jpg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\resource\font\adobepistd.otf svchost.exe File created C:\program files (x86)\reference assemblies\microsoft\framework\v3.5\subsetlist\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windows security\browsercore\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\aquarium\aquarium_13d.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\sharpdxengine\rendering\shaders\builtin\hlsl\textured.fx svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\manifests\builtinagavecommands.xml svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\send-for-sign\js\nls\de-de\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\unified-share\js\nls\hu-hu\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenotesectiongroupmedtile.scale-150.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.metadata.repository.nl_ja_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windows.photos_16.511.8780.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\photoswidetile.contrast-white_scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\manifestassets\square310x150logo.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\peopleapplist.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\large\envy.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_neutral_split.scale-100_8wekyb3d8bbwe\lumia.viewerplugin\assets\iconopenincinemagraph.contrast-white_scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\assets\icons\jit_moments.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\sharpdxengine\rendering\shaders\builtin\bin\sprite_ps.fxo svchost.exe File opened for modification C:\program files\windowspowershell\modules\microsoft.powershell.operation.validation\1.0.1\test\modules\example3.diagnostics\1.1.1\diagnostics\simple\example3a.diagnostics.tests.ps1 svchost.exe File opened for modification C:\program files\videolan\vlc\skins\fonts\freesansbold.ttf svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windows.photos_16.511.8780.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\photoslargetile.contrast-white_scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\2210_48x48x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenoteapplist.targetsize-16.png svchost.exe File created C:\program files\windowsapps\microsoft.people_10.1.10531.0_x64__8wekyb3d8bbwe\_resources\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.wallet_1.0.16328.0_neutral_~_8wekyb3d8bbwe\appxmetadata\appxbundlemanifest.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\contrast-black\applist.targetsize-40_altform-unplated_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\vu_60x42.png svchost.exe File created C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\appxmetadata\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\toast.svg svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\activity-badge\js\nls\pl-pl\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\car\ltr\largetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\embossbitmaps\chevron.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\oneconnectapplist.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\embossbitmaps\4-point star.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\8041_40x40x32.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\s_closereview_18.svg svchost.exe File opened for modification C:\program files (x86)\common files\system\ole db\en-us\msdasqlr.dll.mui svchost.exe File opened for modification C:\program files\videolan\vlc\locale\mr\lc_messages\vlc.mo svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\apptiles\contrast-white\mapswidetile.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\walk-through\images\themes\dark\checkmark-2x.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.apache.batik.util_1.7.0.v201011041433.jar svchost.exe File created C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weatherimages\423x173\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\common files\adobe\reader\dc\linguistics\providers\plugins2\adobehunspellplugin\dictionaries\en_ca\readme_th_en_ca_v2.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weathericons\30x30\160.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\gameplayassets\localization\localized_it-it.respack svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenotesectionsmalltile.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\lumia.viewerplugin\assets\iconopenincinemagraph.contrast-high_scale-200.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\files\dev\nls\en-il\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-files\images\themes\dark\new_icons_retina.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\js\nls\ro-ro\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-spi-quicksearch_ja.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\large\highfive.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\ke_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\small\angel.png svchost.exe File created C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\lumia.videotk\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\alarmssmalltile.contrast-white_scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\createpdfupsell-app\images\themes\dark\rhp_world_icon_hover.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\editpdf\js\nls\en-gb\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.publisher.eclipse.nl_ja_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\mozilla firefox\dependentlibs.list svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\generic-rhp-app\images\themes\dark\example_icons2x.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\jre\lib\content-types.properties svchost.exe File created C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\autumn\mask\12c.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\icons\icon_howtoplay.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\gm_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\car\ltr\contrast-white\medtile.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer\js\nls\sl-si\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\signatures\js\nls\zh-tw\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\fsdefinitions\main\base_heb.xml svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\javafx-mx.jar svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.xboxapp_25.25.13009.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\gamesxboxhubsplashscreen.scale-125_contrast-white.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer\js\plugin.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weather_logosmall.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\txp_carreservation_dark.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\work\rtl\contrast-black\medtile.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\s_fillandsign_18.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\editpdf\js\nls\da-dk\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\images\themeless\flags.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\apptiles\mapssmalltile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\home\ltr\contrast-white\widetile.scale-100.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\pages-app\js\nls\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\videolan\vlc\lua\http\mobile_browse.html svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\gameplayassets\freecell\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenotenotebookwidetile.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\bo_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorapplist.targetsize-48_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\genericmaillargetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\insiderhubsplashwidetile.scale-100_contrast-black.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\send-for-sign\js\nls\fr-ma\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\jre\lib\fonts\lucidabrightdemibold.ttf svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\catalog\traintrackleftturn.3mf svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\signatures\js\nls\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\windowspowershell\modules\pester\3.4.0\snippets\shouldnotbenullorempty.snippets.ps1xml svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\com.jrockit.mc.feature.rcp.zh_cn_5.5.0.165303\feature.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_neutral_split.scale-100_kzf8qxf38zg5c\skypeapp\assets\skypewidetile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\assets\photosapplist.targetsize-24_altform-fullcolor.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\models\es-es.mail.config svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\assets\insiderhubapplist.targetsize-16_contrast-black.png svchost.exe File created C:\program files\videolan\vlc\lua\http\css\ui-lightness\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsfeedbackhub_1.1612.10312.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\insiderhubmedtile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\work\rtl\contrast-black\largetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowssoundrecorder_10.1702.301.0_neutral_split.scale-200_8wekyb3d8bbwe\assets\voicerecorderlargetile.contrast-black_scale-200.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\js\nls\it-it\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\download_on_the_app_store_badge_es_135x40.svg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\small\swear.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\activity-badge\js\nls\nl-nl\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\add-account\js\nls\pt-br\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\uss-search\js\nls\pl-pl\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_x64__8wekyb3d8bbwe\assets\contrast-white\peoplemedtile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxmailbadge.scale-200.png svchost.exe File opened for modification C:\program files\windowspowershell\modules\pester\3.4.0\functions\assertions\pesterthrow.tests.ps1 svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\voices\beeps\uncommon.lua svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\js\nls\hu-hu\ui-strings.js svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\howtoplay\freecell\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\so_60x42.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\rhp_icons_2x.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themecreation\apply.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\linkedinboxmediumtile.scale-200.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\activity-badge\js\nls\en-il\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_neutral_split.scale-140_8wekyb3d8bbwe\assets\office\projectioncylindric.scale-140.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\small\wait.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\outlookmailbadge.scale-125.png svchost.exe File opened for modification C:\program files (x86)\google\chrome\application\81.0.4044.129\locales\id.pak svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxspeechtotextoverlay_1.14.2002.0_x64__8wekyb3d8bbwe\appxmanifest.xml svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-files\css\main-selector.css svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\db\bin\stopnetworkserver svchost.exe File opened for modification C:\program files\videolan\vlc\lua\playlist\rockbox_fm_presets.luac svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\beach\beach_background.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenotesectiongrouplargetile.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\bm_60x42.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer\images\bg_patterns_header.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\autumn\mask\1c.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\la_16x11.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\files\dev\nls\fi-fi\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-netbeans-modules-javahelp.xml svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\apptiles\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\core\dev\nls\en-il\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\search-summary\js\nls\he-il\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\uss-search\js\nls\da-dk\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenotepagemedtile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxcalendarbadge.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\outlookmailsmalltile.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\_resources\14.rsrc svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\contrast-white\logo.scale-100_contrast-white.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\createpdfupsell-app\js\nls\tr-tr\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\ru_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\applist.targetsize-32.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sample-files\assets\sample files\complex machine.pdf svchost.exe File opened for modification C:\program files\7-zip\lang\zh-cn.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\embossbitmaps\cloud_icon.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\appxsignature.p7x svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\linkedinboxmediumtile.scale-150.png svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\bg-bg\tipresx.dll.mui svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\contrast-black\largelogo.scale-100_contrast-black.png svchost.exe File created C:\program files\windows media player\network sharing\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\microsoft.msn.shell\themes\glyphs\font\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenoteapplist.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\walk-through\images\themes\dark\checkmark.png svchost.exe File opened for modification C:\program files\7-zip\lang\kk.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\images\stickers\sticker_sadmouth.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\appxblockmap.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\assets\photoslogoextensions.targetsize-63.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorapplist.targetsize-60.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\exchangemediumtile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\work\rtl\largetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\livetile\8px.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.e4.core.services_1.2.1.v20140808-1251.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\surfaceprofiles\paper_indiarough_512x512_nm.png svchost.exe File created C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\contrast-white\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\uss-search\js\nls\sl-si\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.help_2.0.102.v20141007-2301\epl-v10.html svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_neutral_split.scale-100_kzf8qxf38zg5c\skypeapp\assets\images\image_placeholder.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\exchangebadge.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_neutral_resources.scale-150_8wekyb3d8bbwe\assets\largelogo.scale-150.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\activity-badge\images\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\assets\photosapplist.contrast-black_targetsize-24.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowssoundrecorder_10.1702.301.0_neutral_split.scale-200_8wekyb3d8bbwe\assets\voicerecorderapplist.contrast-white_scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\assets\windowsicons\windowscameraapplist.contrast-white_scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\gp_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\lumia.viewerplugin\assets\iconopenincinemagraph.scale-200.png svchost.exe File created C:\program files\videolan\vlc\plugins\packetizer\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.dailychallenges\assets\audio\badgeearned.wav svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themepreview\backgrounds\classic.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_neutral_split.scale-100_8wekyb3d8bbwe\resources.pri svchost.exe File opened for modification C:\program files (x86)\google\chrome\application\81.0.4044.129\locales\zh-cn.pak svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-uisupport.xml svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowssoundrecorder_10.1702.301.0_neutral_split.scale-200_8wekyb3d8bbwe\assets\voicerecorderwidetile.contrast-white_scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\linkedinboxsmalltile.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\car\ltr\largetile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxgameoverlay_1.15.2003.0_x64__8wekyb3d8bbwe\appxmanifest.xml svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\app\dev\nls\ru-ru\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_x64__8wekyb3d8bbwe\tee\en-us.calendar.ot svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\alarmsapplist.targetsize-64_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxmailbadge.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-white\mapsstorelogo.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\win8-scrollbar\themes\dark\arrow-left.gif svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\combinepdf\js\nls\sl-si\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\home\js\nls\en-gb\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer\images\themes\dark\file_icons.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\signatures\images\themes\dark\s_thumbnailview_18.svg svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\jre\lib\security\java.security svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\awards\challenge\strive_for_perfection_.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\awards\common\board_yet_unearned_small.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\contrast-black\iheart-radio.scale-100_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\applist.targetsize-20.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\a12_spinner_int.gif svchost.exe File opened for modification C:\program files (x86)\windowspowershell\modules\pester\3.4.0\snippets\shouldbegreaterthan.snippets.ps1xml svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\ipsid.xml svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\org-netbeans-core-io-ui.jar svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.zunemusic_10.16112.11621.0_neutral_resources.scale-125_8wekyb3d8bbwe\assets\contrast-white\logo.scale-125_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-black\storewidetile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\work\ltr\contrast-white\medtile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\texturebitmaps\pitissue.jpg svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\awards\challenge\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\images\stickers\thumbnails\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\apptiles\mapsapplist.targetsize-40_altform-unplated.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\ob-preview\js\nls\da-dk\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\embossbitmaps\rounded rectangle.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\images\stickers\thumbnails\sticker_icon_reptileeye.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\app-api\dev\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\8080_36x36x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\collections\contrast-white\widetile.scale-100_contrast-white.png svchost.exe File opened for modification C:\program files\common files\microsoft shared\stationery\greenbubbles.jpg svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-netbeans-modules-sendopts.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenotesectionlargetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\assets\images\moji_mask.contrast-standard.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxmailmediumtile.scale-125.png svchost.exe File created C:\program files\videolan\vlc\locale\ne\lc_messages\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\contrast-white\apppackageapplist.targetsize-36_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-black\storeapplist.targetsize-64.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\signatures\js\nls\en-gb\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\javax.el_2.2.0.v201303151357.jar svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\timerlargetile.contrast-white_scale-125.png svchost.exe File created C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weathericons\30x30\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windows.photos_16.511.8780.0_neutral_split.scale-125_8wekyb3d8bbwe\lumia.viewerplugin\assets\iconeditmoment.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\images\stickers\thumbnails\sticker_icon_heart.png svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\fsdefinitions\main\basealtgr_rtl.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_x64__8wekyb3d8bbwe\assets\widelogo.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themecreation\rename.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\applist.targetsize-36_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\no_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\alarmsapplist.targetsize-80.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\work\ltr\smalltile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\toolkit\images\defaultprofileimage.png svchost.exe File created C:\program files\videolan\vlc\locale\ky\lc_messages\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\8577_24x24x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\congratsdialogbackground.jpg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sign-services-auth\js\nls\fr-fr\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\signatures\js\nls\it-it\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\mt_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\genericmailbadge.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxcalendarsplashlogo.scale-400.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\signatures\images\themes\dark\s_listview_18.svg svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\signatures\js\nls\ja-jp\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\content\desktop\en-gb\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\buttons\undo\undo-over.mobile.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\files\dev\nls\pt-br\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\org-netbeans-core-output2.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\contrast-white\apppackageapplist.targetsize-80_altform-unplated_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_x64__8wekyb3d8bbwe\assets\contrast-black\peopleapplist.targetsize-24.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\alarmsapplist.contrast-black_targetsize-96.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-files\js\nls\eu-es\ui-strings.js svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\fsdefinitions\keypad.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\images\printandshare\glyph_0xe7d3.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\s_filter-dark-disabled_32.svg svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\combinepdf\js\nls\nl-nl\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\videolan\vlc\lua\http\dialogs\stream_window.html svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxmailapplist.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_neutral_split.scale-180_8wekyb3d8bbwe\resources.pri svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\uss-search\js\nls\it-it\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_x64__8wekyb3d8bbwe\assets\fonts\msgmdl2.ttf svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenotereplaycrosshairicon-2.png svchost.exe File created C:\program files\internet explorer\signup\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ql_2.0.100.v20131211-1531.jar svchost.exe File opened for modification C:\program files\common files\microsoft shared\stationery\shadesofblue.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\autumn\mask\cardback.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenoteapplist.targetsize-64_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\assets\windowsicons\windowscameraapplist.targetsize-80_altform-unplated.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\reviews\js\nls\en-gb\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\viewer\nls\nb-no\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\office\settle.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenotesplashlogo.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\snooze.scale-80.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\home\rtl\contrast-black\smalltile.scale-200.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\feature.xml svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\feedback.gif svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowscamera_2017.125.40.0_neutral_split.scale-200_8wekyb3d8bbwe\assets\windowsicons\windowscamerasplashscreen.contrast-black_scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\assets\getstartedwidetile.scale-100_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\buttons\tryagain\tryagain-over.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\cn_16x11.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.help_2.0.102.v20141007-2301\license.html svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weatherimages\423x173\15.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weatherimages\423x173\29.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\6449_32x32x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\offsymsl.ttf svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\car\rtl\contrast-white\medtile.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\combinepdf\js\nls\hr-hr\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\desktop-connector-files\js\nls\nb-no\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\org-netbeans-api-search.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\classic\mask\12h.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\8080_36x36x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\livetiles\search.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\ng_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\gu_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.874.0_neutral_~_8wekyb3d8bbwe\appxsignature.p7x svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-core-windows_zh_cn.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\contrast-white\apppackagesplashscreen.scale-200_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\optinpopup\opt-in-popup-icon.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\beach\beach_1d.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\assets\windowsicons\windowscameraapplist.targetsize-36_altform-unplated_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\genericmailbadge.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\collections\contrast-white\widetile.scale-200_contrast-white.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\js\nls\tr-tr\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\apptiles\contrast-white\weather_splashscreen.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\lumia.videotk\gpuwarpingvs.cso svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\work\rtl\contrast-black\widetile.scale-200.png svchost.exe File opened for modification C:\program files\videolan\vlc\locale\he\lc_messages\vlc.mo svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\apppackageapplist.targetsize-96.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftstickynotes_1.4.101.0_x64__8wekyb3d8bbwe\_resources\2.rsrc svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\uy_16x11.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\a12_spinner_2x.gif svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\ob-preview\js\nls\pl-pl\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.emf.ecore_2.10.1.v20140901-1043.jar svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\stopwatchwidetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\st_16x11.png svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\traffichub\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\localized_images\cs-cz\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\unified-share\js\nls\pl-pl\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenotesectiongroupwidetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\assets\windowsicons\windowscamerawidetile.contrast-white_scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_x64__8wekyb3d8bbwe\tee\url.model svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\large\bandit.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\large\drink.png svchost.exe File created C:\program files\windowspowershell\modules\pester\3.4.0\functions\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\s_filterselected-down_32.svg svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\app-center\css\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\common files\microsoft shared\vsto\vstoee90.tlb svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\avatars\assets\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jre1.8.0_66\lib\fonts\lucidabrightdemiitalic.ttf svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxa-advanced-light.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxa-google.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\s_filterselected-dark-focus_32.svg svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\hwrusash.dat svchost.exe File opened for modification C:\program files\windowspowershell\modules\powershellget\1.0.0.1\psget.format.ps1xml svchost.exe File created C:\program files\java\jdk1.8.0_66\lib\missioncontrol\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\reference assemblies\microsoft\framework\v3.5\redistlist\frameworklist.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\beach\beach_12c.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsfeedbackhub_1.1612.10312.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\insiderhubapplist.scale-125_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\embossbitmaps\rectangle_icon.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\ob-preview\js\nls\it-it\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.xboxapp_25.25.13009.0_neutral_split.scale-200_8wekyb3d8bbwe\appxblockmap.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\insiderhublargetile.scale-100_contrast-black.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\exportpdfupsell-app\js\nls\en-ae\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenoteapplist.targetsize-40_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\assets\photosapplist.targetsize-32_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-white\weather_tilelargesquare.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_x64__8wekyb3d8bbwe\assets\greybox.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\awards\common\king_of_the_hill_unearned_small.png svchost.exe File opened for modification C:\program files\windowspowershell\modules\powershellget\1.0.0.1\psget.resource.psd1 svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.browser.attach.zh_cn_5.5.0.165303.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\fues\green_button.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\machandle.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\gameplayassets\localization\localized_zh-hk.respack svchost.exe File opened for modification C:\program files\videolan\vlc\locale\kk\lc_messages\vlc.mo svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weatherimages\423x173\9.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\ck_16x11.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\activity-badge\js\nls\ca-es\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\common files\system\msadc\en-us\msadcer.dll.mui svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-modules-progress-ui_zh_cn.jar svchost.exe File opened for modification C:\program files\java\jre1.8.0_66\lib\images\cursors\win32_copydrop32x32.gif svchost.exe File created C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\images\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\howtoplay\freecell\goal_6.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\car\rtl\contrast-white\widetile.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-files\js\nls\hu-hu\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\lv_get.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\send-for-sign\js\nls\ro-ro\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\common files\system\ado\msadox28.tlb svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\eu_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\aquarium\mask\11c.png svchost.exe File created C:\program files\windowsapps\microsoft.people_2017.222.1920.0_neutral_~_8wekyb3d8bbwe\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\assets\gamesxboxhubapplist.targetsize-96_altform-unplated.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\search-summary\js\nls\hr-hr\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\home\rtl\contrast-white\largetile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxgameoverlay_1.15.2003.0_neutral_~_8wekyb3d8bbwe\appxsignature.p7x svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\contrast-white\logo.scale-100_contrast-white.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\exportpdfupsell-app\js\plugin.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-files\images\illustrations.png svchost.exe File opened for modification C:\program files (x86)\common files\adobe\reader\dc\linguistics\providers\plugins2\adobehunspellplugin\dictionaries\en_us\readme_en_us.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.equinox.p2.core.feature_1.3.0.v20140523-0116\meta-inf\manifest.mf svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.apache.commons.codec_1.6.0.v201305230611.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\assets\getstartedapplist.targetsize-256_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.starclub\assets\animation\star-bursting-187x170.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\3490_32x32x32.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sample-files\js\nls\zh-cn\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxcalendarapplist.targetsize-20.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\aquarium\aquarium_1h.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\productposeestimation27pts.mdl svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\appxblockmap.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\car\rtl\smalltile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\assets\gamesxboxhubapplist.targetsize-48_altform-unplated_contrast-high.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\pdf-ownership-rdr-de_de.gif svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\reviews\js\nls\en-gb\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-jvm.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\_resources\11.rsrc svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\mc.jar svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-uisupport_ja.jar svchost.exe File opened for modification C:\program files\videolan\vlc\lua\http\css\ui-lightness\images\ui-bg_highlight-soft_75_ffe45c_1x100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxa-generic-light.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.dailychallenges\assets\animation\coinflip.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\contrast-black\oneconnectsmalltile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\pe_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\assets\photosstorelogo.contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\assets\insiderhubsmalltile.scale-200_contrast-white.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-files\js\nls\en-il\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-recent-files\js\nls\en-gb\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_neutral_split.scale-150_8wekyb3d8bbwe\assets\badgelogo.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\popup\pop_up_warning.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\tiles\create-new-theme.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_neutral_resources.scale-150_8wekyb3d8bbwe\assets\contrast-black\splashscreen.scale-150_contrast-black.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-netbeans-api-annotations-common.xml svchost.exe File opened for modification C:\program files\videolan\vlc\locale\ky\lc_messages\vlc.mo svchost.exe File opened for modification C:\program files\videolan\vlc\lua\playlist\jamendo.luac svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windows.photos_16.511.8780.0_neutral_split.scale-125_8wekyb3d8bbwe\lumia.viewerplugin\assets\iconopenincinemagraph.contrast-high_scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_neutral_split.scale-180_8wekyb3d8bbwe\assets\office\simplify.scale-180.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\assets\insiderhubsmalltile.scale-200_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\contrast-black\applist.targetsize-36_altform-unplated_contrast-black.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\reviews\js\nls\zh-tw\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.zunemusic_10.16112.11621.0_neutral_resources.scale-125_8wekyb3d8bbwe\assets\contrast-black\musicstorelogo.scale-125_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxmailbadge.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weathericons\30x30\152.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\file_types\delete.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\s_ellipses_selected-hover.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sample-files\js\nls\ca-es\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\js\nls\cs-cz\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\workflow\icon_printer settings.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\beach\beach_11s.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\assets\retail\retail_feedback_icon.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\aicuc\js\plugins\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\images\themeless\appstore\download_on_the_app_store_badge_nl_135x40.svg svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\olh001.htm svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weatherimages\423x173\13.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\small\bigsmile.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\versions\framework-dev.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\il_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\mc_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxa-advanced-light.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\place\contrast-white\medtile.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\aicuc\images\themes\dark\rhp_world_icon.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.zunemusic_10.16112.11621.0_neutral_resources.scale-125_8wekyb3d8bbwe\assets\logo.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\logos\square150x150\paintmedtile.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\assets\apptiles\storeapplist.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\contrast-white\apppackageapplist.targetsize-80_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\assets\windowsicons\windowscameraapplist.targetsize-36_altform-unplated.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\download_on_the_app_store_badge_it_135x40.svg svchost.exe File opened for modification C:\program files (x86)\common files\adobe\reader\dc\linguistics\providers\plugins2\adobehunspellplugin\supplementaldictionaries\en_us\added.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-core.xml svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsstore_11701.1001.87.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\apptiles\contrast-white\splashscreen.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxa-outlook.scale-400.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\app-center\js\nls\ru-ru\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowscamera_2017.125.40.0_neutral_split.scale-125_8wekyb3d8bbwe\resources.pri svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\contrast-white\apppackageapplist.targetsize-40_contrast-white.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\js\nls\fi-fi\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenotesectionwidetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxa-yahoo-light.scale-400.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\icons\day-of-week-16.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\alarmsbadge.contrast-black_scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowscamera_2017.125.40.0_neutral_split.scale-200_8wekyb3d8bbwe\appxmanifest.xml svchost.exe File created C:\program files\windowsapps\microsoft.microsoftofficehub_17.8010.5926.0_x64__8wekyb3d8bbwe\xmloffkeys\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\jumbo\mask\11d.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.storepurchaseapp_1.0.45.0_x64__8wekyb3d8bbwe\appxblockmap.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\assets\photosapplist.contrast-white_targetsize-16.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\file_types\duplicate.svg svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\exportpdfupsell-app\js\plugins\rhp\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-modules-uihandler_zh_cn.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weather_logosmall.targetsize-16_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\assets\apptiles\storeapplist.targetsize-24_altform-unplated.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\js\nls\zh-tw\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\uss-search\js\nls\hu-hu\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\resource\typesupport\unicode\mappings\win\cp1254.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenotesplashlogo.scale-250.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\js\nls\sl-si\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themecreation\themes_page_menu_button.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\worldclockwidetile.contrast-white_scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\apppackageapplist.targetsize-256_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\kn_60x42.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.e4.rcp_1.3.100.v20141007-2033\license.html svchost.exe File created C:\program files\windowsapps\microsoft.microsoft3dviewer_1.1702.21039.0_neutral_~_8wekyb3d8bbwe\appxmetadata\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenoteapplist.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\stopwatchlargetile.contrast-black_scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\office365logowlockup.scale-140.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\microsoft.bing.client.graph.winmd svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\legal\enu\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\createpdfupsell-app\js\nls\fi-fi\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\generic-rhp-app\js\plugins\rhp\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\backgroundtile.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\timerlargetile.contrast-black_scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\apptiles\storebadgelogo.scale-100.png svchost.exe File opened for modification C:\program files\common files\system\ado\en-us\msader15.dll.mui svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\manifestassets\square44x44logo.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoft3dviewer_1.1702.21039.0_x64__8wekyb3d8bbwe\assets\images\tiles\square71x71logo.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_x64__8wekyb3d8bbwe\assets\contrast-black\oneconnectstorelogo.scale-200.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\app-center\js\nls\tr-tr\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\images\themeless\appstore\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\unified-share\js\nls\en-il\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\videolan\vlc\lua\http\css\mobile.css svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\voicerecorderwidetile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxa-generic-light.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\voicerecorderlogoextensions.targetsize-336.png svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\ipssrb.xml svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.zunemusic_10.16112.11621.0_neutral_resources.scale-200_8wekyb3d8bbwe\assets\widelogo.scale-200.png svchost.exe File opened for modification C:\program files\windowspowershell\modules\pester\3.4.0\en-us\about_pester.help.txt svchost.exe File opened for modification C:\program files\windowspowershell\modules\pester\3.4.0\snippets\shouldbe.snippets.ps1xml svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\exportpdfupsell-app\js\nls\sv-se\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\js\nls\cs-cz\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\common files\system\ado\msado60.tlb svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_x64__8wekyb3d8bbwe\assets\oneconnectapplist.targetsize-256.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\small\inlove.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.wallet_1.0.16328.0_x64__8wekyb3d8bbwe\images\walletsquare44x44logo.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\fileextension.targetsize-336.png svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\hu-hu\tipresx.dll.mui svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.bidi_0.10.0.v20130327-1442.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\buttons\undo\undo-up.mobile.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\small\call.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\tracker\create_form.gif svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.starclub\assets\animation\crown_sparking.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxa-google.scale-150.png svchost.exe File opened for modification C:\program files\common files\system\ado\msado60.tlb svchost.exe File created C:\program files\java\jdk1.8.0_66\include\win32\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themepreview\cardbacks\beach.png svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\fable\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\assets\photossmalltile.contrast-black_scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\lumia.viewerplugin\cinemagraphdelegate\cinemagraphcontrol.xaml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\alarmsapplist.targetsize-16.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer\js\nls\en-gb\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-core-output2_ja.jar svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\aicuc\js\nls\da-dk\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\windows media player\media renderer\dmr_48.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\apptiles\contrast-black\storebadgelogo.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\js\nls\fr-ma\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\apptiles\mapssmalltile.scale-200.png svchost.exe File created C:\program files\windowsapps\microsoft.wallet_1.0.16328.0_x64__8wekyb3d8bbwe\microsoft.system.package.metadata\autogen\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\embossbitmaps\8-point star_icon.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\gameplayassets\pyramid\respacks\gameplaypyramid.respack svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxmailapplist.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\emlattachmenticon.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\db\license svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenoteapplist.targetsize-24.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxa-yahoo-dark.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\plug_ins\readoutloud.api svchost.exe File opened for modification C:\program files (x86)\windowspowershell\modules\pester\3.4.0\functions\assertions\be.ps1 svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ecf.provider.filetransfer.httpclient4.ssl_1.0.0.v20140827-1444.jar svchost.exe File created C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\appxmetadata\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\8201_20x20x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\bg2.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\applist.targetsize-48_altform-unplated.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\exportpdfupsell-app\js\nls\uk-ua\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\images\themeless\playstore\pt_get.svg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.starclub\assets\sounds\crownappearance.wav svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\popup\pop_up_question.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\beach\beach_12s.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\contrast-black\peoplewidetile.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\app\dev\nls\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-files\images\new_icons_retina.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\jre\lib\jfr.jar svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\org-netbeans-api-visual.jar svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\collections\widetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenotenotebooklargetile.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\az_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\9724_24x24x32.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\s_filterselected-dark-hover_32.svg svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\reviews\js\nls\sv-se\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\resources\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_x64__8wekyb3d8bbwe\assets\oneconnectsplashscreen.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorapplist.targetsize-40_altform-unplated.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\js\nls\eu-es\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxcalendarapplist.targetsize-16_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxa-yahoo-dark.scale-125.png svchost.exe File created C:\program files (x86)\common files\system\ole db\en-us\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\7-zip\lang\ka.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\contrast-black\apppackageapplist.targetsize-64_altform-unplated_contrast-black.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-files\js\nls\zh-tw\ui-strings.js svchost.exe File opened for modification C:\program files\videolan\vlc\hrtfs\dodeca_and_7channel_3dsl_hrtf.sofa svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\surfaceprofiles\paper_hotpress300lb_512x512.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\1937_20x20x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\pg_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxcalendarbadge.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\models\en-gb.postaladdress.ot svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\js\nls\ja-jp\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowssoundrecorder_10.1702.301.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\voicerecordersmalltile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\ky_16x11.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-files\js\nls\it-it\ui-strings.js svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\ro-ro\tipresx.dll.mui svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_x64__8wekyb3d8bbwe\assets\contrast-white\peopleapplist.targetsize-16.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_2017.222.1920.0_neutral_~_8wekyb3d8bbwe\appxblockmap.xml svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\send-for-sign\js\nls\cs-cz\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\lib\locale\org-openide-util_zh_cn.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themepreview\cardbacks\cardback2.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\js\nls\zh-tw\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\fr_60x42.png svchost.exe File created C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\unified-share\js\nls\fi-fi\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_x64__8wekyb3d8bbwe\assets\contrast-white\peopleapplist.targetsize-24.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\reviews\js\nls\nl-nl\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftofficehub_17.8010.5926.0_x64__8wekyb3d8bbwe\xmloffkeys\keys_offver15.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\images\stickers\thumbnails\sticker_icon_spiral.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\app\dev\nls\hr-hr\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-files\js\nls\ja-jp\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\videolan\vlc\lua\http\css\ui-lightness\images\ui-bg_glass_100_fdf5ce_1x400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_neutral_split.scale-100_8wekyb3d8bbwe\lumia.viewerplugin\assets\iconopeninrefocus.contrast-white_scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\alarmssmalltile.contrast-black_scale-100.png svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\car\rtl\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.dailychallenges\assets\perfect\ribbon_2.png svchost.exe File opened for modification C:\program files\windowspowershell\modules\pester\3.4.0\functions\setupteardown.tests.ps1 svchost.exe File opened for modification C:\program files (x86)\windows defender\en-us\eppmanifest.dll.mui svchost.exe File opened for modification C:\program files\7-zip\lang\ga.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-openide-explorer.xml svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.xboxapp_25.25.13009.0_neutral_split.scale-200_8wekyb3d8bbwe\assets\gamesxboxhubsmalltile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_x64__8wekyb3d8bbwe\assets\starttile.smile.small.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\catalog\paperboat.3mf svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\embossbitmaps\sun_icon.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\apppackagesplashscreen.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\resource\font\minionpro-boldit.otf svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_x64__8wekyb3d8bbwe\assets\peopleappstorelogo.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\assets\photoslargetile.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\s_sortedby_up_selected_18.svg svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-core-multitabs_zh_cn.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\assets\audio\incoming_im.wav svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\bing.immersive\shaders\simplecubeshader.vs svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\createpdfupsell-app\images\themes\dark\rhp_world_icon.png svchost.exe File opened for modification C:\program files (x86)\windowspowershell\modules\pester\3.4.0\snippets\shouldbenullorempty.snippets.ps1xml svchost.exe File created C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\html\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\work\contrast-black\largetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\assets\photosapplist.targetsize-36_altform-fullcolor.png svchost.exe File created C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.e4.rcp_1.3.100.v20141007-2033\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\videolan\vlc\locale\gu\lc_messages\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\lumia.videotk\invertcoloreffectps_bgra.cso svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxmailsplashlogo.scale-250.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\assets\registry.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\s_anonymoususer_18.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\digsig\images\s_checkbox_unselected_18.svg svchost.exe File opened for modification C:\program files (x86)\windowspowershell\modules\packagemanagement\1.0.0.1\packageproviderfunctions.psm1 svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\videos\help\sticker.mp4 svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\outlookiconfirstrunmail.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\assets\apptiles\storesmalltile.scale-200.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\lib\org-openide-modules.jar svchost.exe File opened for modification C:\program files\windows nt\tabletextservice\tabletextservicetigrinya.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\assets\photosapplist.contrast-black_targetsize-32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_x64__8wekyb3d8bbwe\appxmetadata\codeintegrity.cat svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\dailychallenges\popup\fue4_image.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\kr_16x11.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\reviews\images\dd_arrow_small.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.apache.httpcomponents.httpclient_4.2.6.v201311072007.jar svchost.exe File opened for modification C:\program files\windows media player\media renderer\connectionmanager_dmr.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenoteapplist.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\assets\gamesxboxhubbadgelogo.scale-100_contrast-white.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\createpdfupsell-app\js\nls\en-il\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\img\tools\@1x\[email protected] svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sign-services-auth\js\nls\ja-jp\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\resource\font\pfm\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\car\ltr\contrast-white\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\home\rtl\contrast-white\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\app-center\js\nls\es-es\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\small\rain.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\alarmssplashscreen.contrast-white_scale-200.png svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\work\contrast-black\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\add-account\js\nls\pl-pl\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\images\share_icons2x.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\images\stickers\sticker_eye.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenotenotebooksmalltile.scale-125.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\add-account\js\nls\es-es\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\app-center\js\nls\sv-se\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\send-for-sign\js\nls\ca-es\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxmailwidetile.scale-200.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\win7tsframe.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\cg_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\images\printandshare\glyph_0xe7dd.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\core\dev\nls\eu-es\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\jre\lib\images\cursors\win32_linknodrop32x32.gif svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\jre\lib\sound.properties svchost.exe File opened for modification C:\program files\mozilla firefox\gmp-clearkey\0.1\manifest.json svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorapplist.targetsize-64.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxspeechtotextoverlay_1.14.2002.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\gamesxboxhubwidetile.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\s_newfolder-default.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\activity-badge\js\nls\sl-sl\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-recent-files\js\nls\cs-cz\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ecf.identity_3.4.0.v20140827-1444.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\embossbitmaps\double wave_icon.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftstickynotes_1.4.101.0_x64__8wekyb3d8bbwe\assets\square310x310logo.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\5601_32x32x32.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\work\contrast-black\smalltile.scale-125.png svchost.exe File created C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_neutral_resources.scale-150_8wekyb3d8bbwe\assets\contrast-black\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themecreation\lobby_add_photos_mobile.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\1850_32x32x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\images\ratings\yelp2.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\applist.targetsize-20_altform-unplated.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\next-arrow-down.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\app-center\js\nls\cs-cz\ui-strings.js svchost.exe File opened for modification C:\program files\java\jre1.8.0_66\lib\management\jmxremote.access svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\6701_24x24x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxcalendarsplashlogo.scale-300.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\contrast-black\applist.targetsize-24_contrast-black.png svchost.exe File opened for modification C:\program files\windowspowershell\modules\pester\3.4.0\functions\testdrive.ps1 svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\ro_get.svg svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowssoundrecorder_10.1702.301.0_neutral_split.scale-200_8wekyb3d8bbwe\assets\voicerecorderapplist.contrast-black_scale-200.png svchost.exe File created C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsstore_11701.1001.87.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\apptiles\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\7357_48x48x32.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\aicuc\images\themes\dark\rhp_world_icon_hover.png svchost.exe File opened for modification C:\program files (x86)\common files\adobe\reader\dc\linguistics\providers\plugins2\adobehunspellplugin\dictionaries\en_ca\en_ca.dic svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\awards\freecell\alcatraz_escape_.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\icons\about.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\autumn\mask\11s.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenoteapplist.targetsize-96_altform-unplated.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_ja_4.4.0.v20140623020002\feature.properties svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.xaml.toolkit\assets\cardsloadingspritesheet.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\2708_32x32x32.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-recent-files\js\nls\fi-fi\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\images\themes\dark\nub.png svchost.exe File opened for modification C:\program files\common files\system\ole db\sqloledb.rll svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\lib\org-openide-util-lookup.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\microsoft.advertising.winmd svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\assets\images\computer_white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\genericmailsmalltile.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\assets\gamesxboxhubapplist.targetsize-64_altform-unplated_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\my_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\exchangebadge.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxcalendarapplist.targetsize-40_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\voicerecorderapplist.targetsize-20.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\digsig\js\nls\pt-br\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\8268_24x24x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\images\radialcontrol\rotate_e7ad_normal_white_64x64.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\applist.targetsize-16.png svchost.exe File created C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\meta-inf\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.dailychallenges\assets\ribbon.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\home\contrast-black\largetile.scale-100.png svchost.exe File created C:\program files\java\jdk1.8.0_66\lib\missioncontrol\dropins\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windows media player\en-us\wmpnssci.dll.mui svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\sharpdxengine\rendering\shaders\builtin\bin\fullscreenquad_vs.fxo svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\linkedinboxsmalltile.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\outlookmailwidetile.scale-400.png svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\traffichub\contrast-black\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\home\rtl\smalltile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\applist.targetsize-256.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\editpdf\js\plugins\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\7-zip\7zcon.sfx svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.rjmx.ui.ja_5.5.0.165303.jar svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-charts.xml svchost.exe File created C:\program files\videolan\vlc\skins\fonts\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\place\rtl\widetile.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\aicuc\js\nls\es-es\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenotenotebookwidetile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenotesectionwidetile.scale-125.png svchost.exe File opened for modification C:\program files (x86)\windowspowershell\modules\pester\3.4.0\functions\assertions\contain.ps1 svchost.exe File opened for modification C:\program files\windowsapps\microsoft.advertising.xaml_10.0.1605.0_x86__8wekyb3d8bbwe\appxsignature.p7x svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_x64__8wekyb3d8bbwe\microsoft.graphics.canvas.winmd svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\ws_16x11.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\core\org-openide-filesystems.jar svchost.exe File opened for modification C:\program files\java\jre1.8.0_66\lib\psfont.properties.ja svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\awards\challenge\go_for_the_silver_.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\search-summary\js\nls\fi-fi\ui-strings.js svchost.exe File created C:\program files\videolan\vlc\locale\lv\lc_messages\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\combinepdf\js\plugins\rhp\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\common files\microsoft shared\stationery\bears.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\osf\moe_default_icon.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\desktop-connector-files\js\nls\ro-ro\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\unified-share\js\nls\es-es\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\linkedinboxmediumtile.scale-150.png svchost.exe File opened for modification C:\program files\windowspowershell\modules\powershellget\1.0.0.1\psmodule.psm1 svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\activity-badge\js\nls\it-it\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\common files\microsoft shared\ink\fsdefinitions\oskclearui\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\manifestassets\contrast-black\icon.targetsize-32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\icons.ttf svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\assets\photosapplist.contrast-white_targetsize-20.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\signatures\js\nls\ro-ro\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\videolan\vlc\plugins\demux\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_x64__8wekyb3d8bbwe\assets\contrast-white\oneconnectapplist.targetsize-256.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxmailapplist.targetsize-16_altform-unplated.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\js\nls\fr-ma\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\images\themeless\scanapplogo.png svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\content.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\sc_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\genericmailmediumtile.scale-100.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\plug_ins\multimedia\mpp\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\unified-share\images\themes\dark\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\gameplayassets\localization\localized_ko-kr.respack svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenotenotebooksmalltile.scale-400.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer-select\js\nls\fr-fr\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_x64__8wekyb3d8bbwe\tee\de-de.phonenumber.sms.ot svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\bg_60x42.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-files\js\nls\it-it\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\viewer\nls\da-dk\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\calculatorapp.winmd svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxmailwidetile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\assets\insiderhubapplist.scale-200_contrast-white.png svchost.exe File created C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\appxmetadata\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\5311_32x32x32.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\ob-preview\js\nls\uk-ua\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-modules-appui_zh_cn.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\assets\getstartedapplist.targetsize-32_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\coreengine\data\3dbrush\round.obj svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sample-files\css\main-selector.css svchost.exe File created C:\program files\common files\system\ado\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\exchangebadge.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\digsig\js\nls\zh-cn\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\gameplayassets\localization\localized_fi-fi.respack svchost.exe File created C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\logos\wide310x150\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowsapps\microsoft.wallet_1.0.16328.0_x64__8wekyb3d8bbwe\images\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\buttons\giveup\giveup-press.mobile.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\resources\retaildemo\strings\en-us\resources.resjson svchost.exe File created C:\program files\java\jdk1.8.0_66\db\bin\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\insiderhubsplashsquaretile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\images\stickers\thumbnails\sticker_icon_nose.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorapplist.targetsize-72_altform-fullcolor.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\assets\insiderhubapplist.targetsize-64_altform-unplated.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sign-services-auth\js\nls\pt-br\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\google\chrome\application\81.0.4044.129\locales\bg.pak svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_neutral_split.scale-125_8wekyb3d8bbwe\appxsignature.p7x svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\files\dev\nls\fr-ma\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui_3.106.0.v20140812-1751.jar svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\reviews\js\nls\ru-ru\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.e4.ui.css.swt.nl_zh_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\western\mask\12c.png svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\place\contrast-black\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\combinepdf\js\nls\fi-fi\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\editpdf\images\example_icons.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.xboxapp_25.25.13009.0_neutral_split.scale-200_8wekyb3d8bbwe\assets\gamesxboxhubapplist.scale-200_contrast-white.png svchost.exe File created C:\program files\videolan\vlc\plugins\audio_output\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowsapps\deletedalluserpackages\microsoft.windowscamera_2017.125.40.0_neutral_split.scale-200_8wekyb3d8bbwe\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenotesectiongrouplargetile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\assets\insiderhubapplist.targetsize-24_altform-unplated_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxcalendarbadge.scale-400.png svchost.exe File opened for modification C:\program files\unprotectmerge.xsl svchost.exe File created C:\program files\videolan\vlc\locale\brx\lc_messages\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\plug_ins\ia32.api svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_neutral_~_8wekyb3d8bbwe\appxblockmap.xml svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\plug_ins3d\prc\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\unified-share\js\nls\en-ae\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.zunevideo_10.16112.11601.0_neutral_resources.scale-200_8wekyb3d8bbwe\appxblockmap.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.xaml.toolkit\assets\xboxcontrol\xbox-up.png svchost.exe File opened for modification C:\program files\7-zip\lang\el.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\dailychallenges\lobbytiles\klondike_bp_809.jpg svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer\js\nls\es-es\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\reviews\js\nls\ko-kr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowscamera_2017.125.40.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\windowsicons\windowscameralargetile.contrast-white_scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\assets\getstartedstorelogo.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_x64__8wekyb3d8bbwe\assets\starttile.dualsim1.wink.small.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\outlookmaillargetile.scale-125.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\exportpdfupsell-app\js\nls\es-es\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\common files\adobe\reader\dc\linguistics\languagenames2\displaylanguagenames.en_gb.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.app_1.3.200.v20130910-1609.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\6365_40x40x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_neutral_split.scale-100_kzf8qxf38zg5c\skypeapp\assets\lockscreenbadgelogo.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\pl_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\contrast-white\applist.targetsize-48_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\livetile\10px.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenotepagemedtile.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\outlookmailbadge.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\s_reportabuse-default_18.svg svchost.exe File opened for modification C:\program files\videolan\vlc\lua\http\css\ui-lightness\images\ui-bg_glass_65_ffffff_1x400.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowscamera_2017.125.40.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\windowsicons\windowscamerasplashscreen.contrast-white_scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\linkedinboxwidetile.scale-150.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\search-summary\js\nls\fi-fi\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\common files\microsoft shared\ink\hr-hr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\assets\edit_12x12.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\fj_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\contrast-white\applist.targetsize-32_altform-unplated_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\fileextension.targetsize-32.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\editpdf\css\main.css svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-recent-files\js\nls\pl-pl\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\common files\system\msadc\en-us\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\videolan\vlc\locale\km\lc_messages\vlc.mo svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\news\news_bottom.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\manifestassets\contrast-white\icon.targetsize-48.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenotesectionlargetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\tc_60x42.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\uithemes\lighttheme.acrotheme svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sample-files\js\nls\sv-se\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\apppackagemedtile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\contrast-black\apppackageapplist.scale-125_contrast-black.png svchost.exe File created C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_neutral_~_8wekyb3d8bbwe\appxmetadata\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\db\bin\derby_common.bat svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.help.base.nl_ja_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxmailbadge.scale-150.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.win32.nl_ja_4.4.0.v20140623020002.jar svchost.exe File created C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\car\ltr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weatherimages\210x173\30.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxcalendarlogoextensions.scale-16.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\spotlightcalendar_2016-05.gif svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\fi-fi\tipresx.dll.mui svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.e4.ui.css.core_0.10.100.v20140424-2042.jar svchost.exe File created C:\program files\mozilla firefox\browser\features\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\4608_32x32x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxmailmediumtile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\place\rtl\contrast-white\largetile.scale-200.png svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\fsdefinitions\main\base_kor.xml svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-charts_zh_cn.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\small\drink.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\lumia.viewerplugin\common\debugoverlay.xaml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\assets\windowsicons\windowscameraapplist.targetsize-256_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-black\mapsapplist.targetsize-256.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\winstore\resources\assets\rt_icons_popcorn_16.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.zunemusic_10.16112.11621.0_neutral_resources.scale-200_8wekyb3d8bbwe\assets\contrast-black\widelogo.scale-200_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themepreview\backgrounds\background3.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\createpdfupsell-app\js\nls\da-dk\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\ipsfin.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\contrast-black\apppackageapplist.targetsize-64_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\sz_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\649_40x40x32.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\editpdf\js\plugin.js svchost.exe File opened for modification C:\program files\windows mail\en-us\winmail.exe.mui svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\icons\pyramid_icon.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\buttons\tryagain\tryagain-up.png svchost.exe File created C:\program files\windowsapps\microsoft.vclibs.140.00_14.0.24123.0_x86__8wekyb3d8bbwe\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\alarmslargetile.contrast-white_scale-100.png svchost.exe File opened for modification C:\program files\windows defender\en-us\shellext.dll.mui svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\apptiles\contrast-white\storesmalltile.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\js\nls\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\profiler\update_tracking\org-netbeans-lib-profiler-charts.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\catalog\shape_torus.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\_resources\index.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\howtoplay\tripeaks\tips_3.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\logos\wide310x150\paintwidetile.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\home\ltr\contrast-black\widetile.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\pages-app\images\themes\dark\example_icons.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowssoundrecorder_10.1702.301.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\voicerecordersmalltile.contrast-white_scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\western\mask\1c.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\assets\windowsicons\windowscameraapplist.targetsize-256_altform-unplated_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.dailychallenges\assets\animation\coin-partcles-landing.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\s_illuccfilesempty_180x180.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\walk-through\js\nls\de-de\ui-strings.js svchost.exe File created C:\program files\windows media player\en-us\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.news\assets\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\editpdf\js\nls\da-dk\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jre1.8.0_66\lib\images\cursors\win32_linkdrop32x32.gif svchost.exe File created C:\program files\videolan\vlc\locale\ga\lc_messages\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\1850_32x32x32.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.ui.zh_cn_5.5.0.165303.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\ads_win10_728x90.scale-100.jpg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\spectrum_spinner_process.svg svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\js\nls\tr-tr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\ni_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\place\rtl\medtile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\mediumblue.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\images\stickers\thumbnails\sticker_icon_pignose.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenotesectiongroupwidetile.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\applist.targetsize-24.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\reviews\js\nls\fr-ma\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.http.servlet_1.1.500.v20140318-1755.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxgameoverlay_1.15.2003.0_x64__8wekyb3d8bbwe\knowngamelist.bin svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer\js\nls\ja-jp\ui-strings.js svchost.exe File opened for modification C:\program files\reference assemblies\microsoft\framework\v3.0\redistlist\frameworklist.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\_resources\0.rsrc svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\contrast-black\apppackagestorelogo.scale-200_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\lt_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\livetiles\turnbyturn.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\desktop-connector-files\js\nls\fi-fi\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\8576_24x24x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxmaillargetile.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\car\ltr\largetile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-black\mapsapplist.targetsize-72.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\app-center\js\nls\da-dk\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\reviews\js\nls\pl-pl\ui-strings.js svchost.exe File created C:\program files\common files\services\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\videolan\vlc\locale\wa\lc_messages\vlc.mo svchost.exe File opened for modification C:\program files\windowsapps\microsoft.wallet_1.0.16328.0_x64__8wekyb3d8bbwe\images\walletwide310x150logo.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\core_icons.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\exportpdfupsell-app\js\nls\hr-hr\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weathericons\30x30\164.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\large\malthe.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\tr_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxa-yahoo-dark.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxa-exchange.scale-300.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\assets\gamesxboxhubapplist.targetsize-20.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\fileextension.targetsize-16.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxmailapplist.targetsize-24_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\gameend\gameend_redstrip_tip.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\mainpagestate2\mainpage_more_themes_bp_920.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\assets\images\win_logo_black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\assets\skypetile.scale-200_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\7989_48x48x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-white\mapsapplist.targetsize-96_altform-unplated_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\logo.scale-100.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\signatures\js\nls\ko-kr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\se_60x42.png svchost.exe File opened for modification C:\program files\restartstart.wmf svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\1250_36x36x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\appxblockmap.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\assets\photosapplist.targetsize-16.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\linkedinboxbadge.scale-125.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\exportpdfupsell-app\js\plugins\rhp\exportpdfupsell-app-selector.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenoteapplist.targetsize-80_altform-unplated.png svchost.exe File opened for modification C:\program files\7-zip\lang\ug.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-openide-explorer_zh_cn.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\advertisement\ads_320x50px.jpg svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\editpdf\js\plugins\rhp\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\ob-preview\js\nls\es-es\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\unified-share\js\nls\ja-jp\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\manifestassets\contrast-white\square44x44logo.targetsize-256.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\autumn\autumn_12s.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxa-advanced-light.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\work\rtl\contrast-white\widetile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\buttons\fullscreen\windowed.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\icons\freecell_menu_icon.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\autumn\autumn_1s.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\1937_48x48x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxcalendarapplist.targetsize-32_altform-unplated.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\walk-through\css\main.css svchost.exe File created C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\logos\square71x71\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\en-gb\outlook_whatsnew.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\5613_24x24x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\apptiles\mapsapplist.targetsize-32.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\home\rtl\contrast-white\medtile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\assets\getstartedapplist.targetsize-72.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\ke_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\_resources\0.rsrc svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\app-center\js\nls\pl-pl\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-files\js\nls\zh-cn\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\jumbo\jumbo_13c.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenotewidetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\small\yes.png svchost.exe File created C:\program files\videolan\vlc\locale\ml\lc_messages\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windows media player\en-us\mpvis.dll.mui svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\home\rtl\widetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\voicerecorderapplist.contrast-white_scale-100.png svchost.exe File created C:\program files\windowsapps\microsoft.xboxidentityprovider_2016.719.1035.0_neutral_~_8wekyb3d8bbwe\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\videolan\vlc\locale\ff\lc_messages\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_x64__8wekyb3d8bbwe\assets\contrast-white\peopleappstorelogo.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\7834_40x40x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\py_60x42.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\illustrations.png svchost.exe File created C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\ext\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\traffichub\contrast-white\widetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\gameplayassets\localization\localized_uk-ua.respack svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\offsyml.ttf svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\file_types\themes\dark\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\s_move_18.svg svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\combinepdf\images\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\desktop-connector-files\js\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windows media player\network sharing\connectionmanager.xml svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windows.photos_16.511.8780.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\photosmedtile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\assets\skypeapplist.targetsize-256_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowssoundrecorder_10.1702.301.0_neutral_split.scale-200_8wekyb3d8bbwe\assets\voicerecordersmalltile.contrast-black_scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\models\fr-fr.phonenumber.model svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sign-services-auth\js\nls\ko-kr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\walk-through\images\close-2.svg svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\db\readme-jdk.html svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer-select\js\nls\ru-ru\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\home\ltr\contrast-black\largetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_neutral_split.scale-140_8wekyb3d8bbwe\assets\office\resetcoord.scale-140.png svchost.exe File created C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\livetile\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxa-advanced-dark.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer-select\js\nls\nb-no\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\file_types\comment.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\createpdfupsell-app\css\main.css svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\js\nls\eu-es\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sample-files\js\selector.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftstickynotes_1.4.101.0_neutral_split.scale-125_8wekyb3d8bbwe\appxsignature.p7x svchost.exe File opened for modification C:\program files\windowsapps\microsoft.net.native.framework.1.3_1.3.24201.0_x64__8wekyb3d8bbwe\logo.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.workbench.nl_zh_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\contrast-white\applist.targetsize-64_altform-unplated_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\appxsignature.p7x svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\2475_24x24x32.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer-select\js\nls\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\send-for-sign\images\caution.svg svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\jre\lib\fonts\lucidatypewriterregular.ttf svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\collections\contrast-white\largetile.scale-125_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\images\stickers\thumbnails\sticker_icon_sand.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\place\contrast-black\medtile.scale-100.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\core\dev\nls\eu-es\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\google\chrome\application\81.0.4044.129\locales\nl.pak svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.core.contenttype_3.4.200.v20140207-1251.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\xj_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\voicerecorderapplist.targetsize-60.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\core\dev\nls\hr-hr\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\db\bin\ij.bat svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\org-openide-actions.jar svchost.exe File opened for modification C:\program files\videolan\vlc\lua\http\requests\vlm_cmd.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weatherimages\423x173\40.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\icons\klondike_menu_icon.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\genericmailsmalltile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxcalendarapplist.targetsize-256_altform-unplated.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\desktop-connector-files\js\nls\ru-ru\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\ob-preview\js\nls\hr-hr\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\content\surfacehub\en-us\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\2876_24x24x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\alarmsapplist.contrast-white_targetsize-96_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\contrast-black\applist.targetsize-20_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.zunevideo_10.16112.11601.0_neutral_resources.scale-200_8wekyb3d8bbwe\appxsignature.p7x svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\om_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\images\printandshare\glyph_0xecd1.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\activity-badge\js\nls\en-gb\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer-select\js\nls\ja-jp\ui-strings.js svchost.exe File created C:\program files\videolan\vlc\plugins\misc\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_neutral_split.scale-140_8wekyb3d8bbwe\appxmanifest.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\lumia.viewerplugin\assets\iconeditmoment.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\adc_logo.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\editpdf\js\nls\de-de\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\js\nls\nb-no\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\task-handler\js\nls\de-de\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\common files\system\ado\msado26.tlb svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\place\rtl\smalltile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.zunevideo_10.16112.11601.0_neutral_resources.scale-200_8wekyb3d8bbwe\assets\contrast-white\movie-tvstorelogo.scale-200_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_x64__8wekyb3d8bbwe\assets\contrast-white\oneconnectapplist.targetsize-40.png svchost.exe File created C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\xboxapp.ui\resources\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\tool-search.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.rcp.application.zh_cn_5.5.0.165303.jar svchost.exe File created C:\program files\videolan\vlc\lua\intf\modules\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_x64__8wekyb3d8bbwe\tee\de-de.phonenumber.sms.model svchost.exe File created C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\en-us\jscripts\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\pmd.cer svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\desktop-connector-files\js\nls\ko-kr\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\ct.sym svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\images\radialcontrol\rotate_e7ad_hc_64x64.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\walk-through\js\nls\nl-nl\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.starclub\assets\star.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\collections\contrast-black\widetile.scale-125_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\awards\challenge\came_to_play_.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\awards\challenge\diamonds_are_forever_.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorapplist.targetsize-96_altform-unplated_contrast-white.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\signatures\images\themes\dark\cstm_brand_preview2x.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\worldclockmedtile.contrast-black_scale-125.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\selection-actions.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\manifestassets\contrast-white\icon.targetsize-32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weatherimages\423x173\7.jpg svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.xaml.toolkit\assets\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\8201_48x48x32.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sample-files\js\nls\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\unified-share\images\completecheckmark.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\place\ltr\contrast-white\largetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_neutral_split.scale-150_8wekyb3d8bbwe\assets\starttile.smile.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.dailychallenges\assets\perfect\ribbon_1.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\remove.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\js\nls\uk-ua\ui-strings.js svchost.exe File created C:\program files\common files\microsoft shared\ink\ja-jp\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\videolan\vlc\locale\pt_br\lc_messages\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\loadiconrtl_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\winstore\resources\assets\rt_icons_fresh_42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxspeechtotextoverlay_1.14.2002.0_neutral_split.scale-100_8wekyb3d8bbwe\resources.pri svchost.exe File opened for modification C:\program files (x86)\windowspowershell\modules\pester\3.4.0\functions\in.tests.ps1 svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\localized_images\appstore_icon.svg svchost.exe File opened for modification C:\program files (x86)\common files\microsoft shared\stationery\orangecircles.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\awards\spider\entangled_unearned_small.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\western\mask\1d.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\tiles\klondike.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\tg_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\car\rtl\widetile.scale-200.png svchost.exe File opened for modification C:\program files\videolan\vlc\lua\http\css\ui-lightness\images\ui-bg_diagonals-thick_20_666666_40x40.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.skypeapp_11.8.204.0_neutral_split.scale-125_kzf8qxf38zg5c\skypeapp\assets\skypelogo.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\content\surfacehub\en-gb\doc_offline_getconnected.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\3007_24x24x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\apptiles\mapsapplist.targetsize-30_altform-unplated.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\zh-tw_get.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\js\selector.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weatherimages\210x173\28.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\large\phone.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\small\evilgrin.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\worldclocksmalltile.contrast-white_scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\voices\en-in\en-in_female_tts\platform_format.lua svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\voicerecorderapplist.targetsize-32.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\generic-rhp-app\images\themes\dark\rhp_world_icon.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\localized_images\tr-tr\playstore_icon.svg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenoteapplist.targetsize-48.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypebackgroundtasks.winmd svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\3490_40x40x32.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\send-for-sign\js\nls\eu-es\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxcalendarapplist.targetsize-40.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\aicuc\images\warning.png svchost.exe File opened for modification C:\program files\windowspowershell\modules\packagemanagement\1.0.0.1\packagemanagement.format.ps1xml svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\localized_images\sv-se\appstore_icon.svg svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\db\release-notes.html svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\spectrum_spinner.svg svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-api-annotations-common_ja.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\cw_16x11.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\uss-search\css\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenotesectiongroupmedtile.scale-100.png svchost.exe File opened for modification C:\program files\windowspowershell\modules\pester\3.4.0\functions\pesterstate.tests.ps1 svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\digsig\images\themes\dark\s_radio_unselected_18.svg svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ui.sdk.nl_zh_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-core_ja.jar svchost.exe File created C:\program files\java\jre1.8.0_66\lib\fonts\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\western\western_1d.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.storepurchaseapp_1.0.45.0_x64__8wekyb3d8bbwe\resources.pri svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenotesectionlargetile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\contrast-black\applist.targetsize-40_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\timerwidetile.contrast-white_scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\assets\getstartedapplist.targetsize-36_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\as_16x11.png svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\buttons\tryagain\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxcalendarlargetile.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\ind_prog.gif svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\lib\mailapi.jar svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-profiler.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\genericmailsmalltile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxmailapplist.targetsize-256.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-files\js\nls\pt-br\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sign-services-auth\js\nls\sv-se\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\unified-share\images\themes\dark\s_radio_unselected_18.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\s_gridview_selected-hover.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-files\images\themes\dark\bg_patterns_header.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\outlookmaillargetile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_2019.16112.11621.0_neutral_~_8wekyb3d8bbwe\appxblockmap.xml svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.core.databinding.observable.nl_ja_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftofficehub_17.8010.5926.0_x64__8wekyb3d8bbwe\images\officehublogo_150x150.png svchost.exe File created C:\program files\windowspowershell\modules\pester\3.4.0\examples\calculator\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.historicaldata_5.5.0.165303.jar svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-openide-explorer_ja.jar svchost.exe File opened for modification C:\program files\windows security\browsercore\en-us\browsercore.exe.mui svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\ua_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_neutral_split.scale-100_8wekyb3d8bbwe\lumia.viewerplugin\assets\iconeditrichcapture.contrast-high_scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\5311_20x20x32.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\progress-indeterminate.gif svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\db\lib\derbytools.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\jo_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\re_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\smalllogo.scale-100.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\meta-inf\eclipse_.rsa svchost.exe File opened for modification C:\program files\videolan\vlc\locale\nb\lc_messages\vlc.mo svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\apptiles\contrast-black\weather_tilemediumsquare.scale-100.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\jre\lib\plugin.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\aquarium\aquarium_11s.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxmailapplist.targetsize-60.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxcalendarwidetile.scale-200.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\ob-preview\js\nls\uk-ua\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\6440_72x72x32.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.e4.core.di_1.4.0.v20140414-1837.jar svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.w3c.dom.smil_1.0.0.v200806040011.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_neutral_~_kzf8qxf38zg5c\appxsignature.p7x svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxa-exchange.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\place\medtile.scale-100.png svchost.exe File created C:\program files\windowspowershell\modules\pester\3.4.0\snippets\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\s_listview_selected.svg svchost.exe File opened for modification C:\program files (x86)\google\chrome\application\81.0.4044.129\chrome_200_percent.pak svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.xboxapp_25.25.13009.0_neutral_split.scale-200_8wekyb3d8bbwe\assets\gamesxboxhubstorelogo.scale-200_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\alarmssmalltile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\applist.targetsize-30_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_2019.16112.11601.0_neutral_~_8wekyb3d8bbwe\appxmetadata\appxbundlemanifest.xml svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\aicuc\js\plugins\exportpdf-tool-view.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\desktop-connector-files\js\nls\en-il\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\manifestassets\square44x44logo.targetsize-256.png svchost.exe File created C:\program files\windowsapps\microsoft.advertising.xaml_10.0.1605.0_x86__8wekyb3d8bbwe\microsoft.advertising\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\assets\getstartedapplist.targetsize-256_altform-unplated_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\outlookmailsmalltile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxmailapplist.targetsize-80_altform-unplated.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\index.gif svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\gameplayassets\spider\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxa-generic-dark.scale-150.png svchost.exe File created C:\program files\windowsapps\microsoft.windowssoundrecorder_2017.130.1208.0_neutral_~_8wekyb3d8bbwe\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\resources\fonts\stormdl2.ttf svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxspeechtotextoverlay_1.14.2002.0_x64__8wekyb3d8bbwe\appxblockmap.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themepreview\themes\western.mobile.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\car\rtl\contrast-white\widetile.scale-200.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\digsig\js\nls\fr-ma\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\task-handler\css\main.css svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\images\stickers\thumbnails\sticker_icon_heart_shape.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxcalendarmediumtile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-black\storelogo.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\japanese_over.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\win-scrollbar\themes\dark\arrow-up.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer\js\nls\sv-se\ui-strings.js svchost.exe File created C:\program files\mozilla firefox\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\10909_48x48x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\lumia.viewerplugin\assets\iconopenincinemagraph.contrast-white_scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenoteapplist.targetsize-256_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\2475_32x32x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_neutral_~_8wekyb3d8bbwe\appxmetadata\appxbundlemanifest.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\place\contrast-white\widetile.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\exportpdfupsell-app\js\nls\en-il\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\google\chrome\application\81.0.4044.129\default_apps\drive.crx svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.publisher.eclipse.nl_zh_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.zunemusic_10.16112.11621.0_neutral_resources.scale-200_8wekyb3d8bbwe\assets\contrast-black\musicstorelogo.scale-200_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxaccountssplashlogo.scale-140.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\car\rtl\smalltile.scale-200.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\core\dev\nls\sk-sk\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\exportpdfupsell-app\images\rhp_world_icon_hover_2x.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.xboxapp_25.25.13009.0_neutral_split.scale-200_8wekyb3d8bbwe\assets\gamesxboxhubapplist.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\howtoplay\pyramid\tips_2.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\classic\classic_12s.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\microsoft.system.package.metadata\resources.b010e8f2.pri svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\appxmanifest.xml svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\signatures\js\nls\sk-sk\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowssoundrecorder_10.1702.301.0_neutral_split.scale-200_8wekyb3d8bbwe\appxsignature.p7x svchost.exe File created C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_x64__8wekyb3d8bbwe\assets\contrast-white\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\common files\microsoft shared\stationery\bears.htm svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\jre\lib\tzdb.dat svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\meta-inf\manifest.mf svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\content\hololens\en-us\doc_offline_use.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\contrast-black\applist.targetsize-64_contrast-black.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\js\nls\pl-pl\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\tj_60x42.png svchost.exe File opened for modification C:\program files (x86)\common files\system\ole db\sqlxmlx.rll svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\assets\getstartedapplist.targetsize-24_altform-unplated_contrast-white.png svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\dailychallenges\popup\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenotenavigationlogo.scale-180.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\6924_32x32x32.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\app\dev\nls\da-dk\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.jetty.http_8.1.14.v20131031.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenotepagelargetile.scale-400.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\pages-app\images\themes\dark\rhp_world_icon.png svchost.exe File opened for modification C:\program files (x86)\common files\microsoft shared\stationery\bears.htm svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\alarmswidetile.contrast-white_scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\car\rtl\contrast-white\smalltile.scale-200.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\js\nls\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\uss-search\js\nls\root\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-netbeans-modules-masterfs-nio2.xml svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\plug_ins\ebook.api svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenoteapplist.targetsize-20_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\3416_32x32x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxcalendarwidetile.scale-125.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\jre\lib\deploy\splash.gif svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.xboxapp_25.25.13009.0_neutral_split.scale-125_8wekyb3d8bbwe\appxmanifest.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxmailapplist.targetsize-60_altform-unplated.png svchost.exe File opened for modification C:\program files (x86)\internet explorer\signup\install.ins svchost.exe File opened for modification C:\program files (x86)\windowspowershell\modules\pester\3.4.0\functions\assertions\beoftype.ps1 svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\org-netbeans-modules-spi-actions.jar svchost.exe File created C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\car\rtl\contrast-white\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weathericons\30x30\163.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\sv_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\tv_16x11.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\exportpdfupsell-app\images\rhp_world_icon_hover.png svchost.exe File created C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\lib\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftofficehub_17.8010.5926.0_x64__8wekyb3d8bbwe\appxsignature.p7x svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\icons\pyramid_menu_icon.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\feature.xml svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.e4.ui.bindings.nl_ja_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-snaptracer_zh_cn.jar svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\createpdfupsell-app\js\nls\pl-pl\ui-strings.js svchost.exe File created C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\place\ltr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\mg_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\contrast-black\smalllogo.scale-100_contrast-black.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\app\dev\nls\ko-kr\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer\js\nls\en-ae\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4-dark_win.css svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenotemediumtile.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\cf_60x42.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\js\nls\hu-hu\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\reviews\images\dd_arrow_small2x.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxa-google.scale-300.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\add-account\js\nls\uk-ua\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\walk-through\images\themeless\s_thumbupoutline_22_n1.svg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\2875_40x40x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxcalendarsplashlogo.scale-150.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\js\nls\root\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-black\weather_logosmall.targetsize-48.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\aicuc\js\plugins\selection-action-plugins\epdf\plugin.js svchost.exe File opened for modification C:\program files\7-zip\lang\fur.txt svchost.exe File created C:\program files\videolan\vlc\locale\gl\lc_messages\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-black\mapsapplist.targetsize-256_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\texturebitmaps\bltissue.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\im_16x11.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\createpdfupsell-app\css\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\unified-share\images\s_checkbox_unselected_18.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\uss-search\js\nls\root\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\home\medtile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\work\contrast-black\widetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.dailychallenges\assets\popups\upsell\close_button.jpg svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\place\rtl\contrast-white\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\activity-badge\js\nls\sv-se\ui-strings.js svchost.exe File created C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\office\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\halfprice3.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\images\stickers\sticker_heart.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\images\stickers\thumbnails\sticker_icon_tick.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\large\dull.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxa-advanced-dark.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxa-google.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxa-outlook.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\microsoftadvertising.ini svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\appxblockmap.xml svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\sendforsignature.svg svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sign-services-auth\js\nls\sk-sk\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ecf.ssl_1.1.0.v20140827-1444.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\manifestassets\contrast-white\square44x44logo.targetsize-16.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenoteapplist.targetsize-256.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\linkedinboxbadge.scale-150.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\tracker\server_ok.gif svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\createpdfupsell-app\images\themes\dark\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.w3c.dom.events_3.0.0.draft20060413_v201105210656.jar svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windows.photos_16.511.8780.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\photoswidetile.contrast-black_scale-125.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\signatures\images\themes\dark\s_opencarat_18.svg svchost.exe File opened for modification C:\program files (x86)\windowspowershell\modules\pester\3.4.0\snippets\shouldnotbe.snippets.ps1xml svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\home\contrast-black\smalltile.scale-125.png svchost.exe File created C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\avatars\assets\missingdisplaypic.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\small\toivo.png svchost.exe File opened for modification C:\program files\mozilla firefox\application.ini svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weathericons\30x30\69.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\69_40x40x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\place\ltr\contrast-white\medtile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\home\rtl\contrast-black\widetile.scale-125.png svchost.exe File created C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\coreengine\data\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\2876_24x24x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\assets\photosapplist.targetsize-40.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windows.photos_16.511.8780.0_neutral_split.scale-125_8wekyb3d8bbwe\lumia.viewerplugin\assets\iconeditmoment.contrast-high_scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxa-googlecloudcache-light.scale-240.png svchost.exe File opened for modification C:\program files (x86)\windowspowershell\modules\pester\3.4.0\functions\assertions\match.ps1 svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\alarmsapplist.contrast-black_targetsize-72_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\assets\photosapplist.targetsize-96_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\alarmsapplist.contrast-white_targetsize-36.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\images\printandshare\glyph_0xe7ca.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_neutral_split.scale-140_8wekyb3d8bbwe\resources.pri svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\office\deselectall.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\photoswidetile.contrast-black_scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\calculatorapplist.contrast-white_scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\assets\gamesxboxhubapplist.targetsize-72.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\generic-rhp-app\images\example_icons.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\1250_20x20x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\7260_40x40x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\4608_24x24x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\6486_36x36x32.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\app\dev\nls\pl-pl\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.core.databinding.property.nl_zh_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themepreview\effects\02.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenotewidetile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\genericmaillargetile.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\apptiles\mapsapplist.targetsize-16_altform-unplated.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\css\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\catalog\trainengine.3mf svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\assets\friends.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorapplist.targetsize-80_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\snooze.scale-64.png svchost.exe File opened for modification C:\program files\windowspowershell\modules\pester\3.4.0\snippets\shouldbegreaterthan.snippets.ps1xml svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\ob-preview\js\nls\cs-cz\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\voicerecorderapplist.targetsize-24_altform-unplated.png svchost.exe File created C:\program files (x86)\windows photo viewer\en-us\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jre1.8.0_66\lib\charsets.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\manifestassets\contrast-black\storelogo.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\texturebitmaps\grmarble.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\workflow\navcolumn_black\icon_finish.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\css\main-cef.css svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\js\faf-main.js svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\home\ltr\contrast-black\smalltile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\contrast-black\apppackagewidetile.scale-200_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\offsym.ttf svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\resources.pri svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\misc\altdekstopcopypastehelper.js svchost.exe File created C:\program files (x86)\common files\adobe\reader\dc\linguistics\providers\plugins2\adobehunspellplugin\abbreviations\en_ca\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\contrast-white\apppackageapplist.targetsize-16_altform-unplated_contrast-white.png svchost.exe File created C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\content\hololens\en-us\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\sharpdxengine\rendering\shaders\builtin\bin\colored_ps.fxo svchost.exe File opened for modification C:\program files\windowsapps\microsoft.net.native.runtime.1.4_1.4.24201.0_x86__8wekyb3d8bbwe\logo.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowssoundrecorder_10.1702.301.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\voicerecorderwidetile.scale-125.png svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\car\ltr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\8498_40x40x32.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\home\js\nls\sv-se\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-files-select\js\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\images\themeless\playstore\hu_get.svg svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.e4.ui.widgets_1.0.0.v20140514-1823.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\7260_20x20x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenotewidetile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\10191_20x20x32.png svchost.exe File opened for modification C:\program files\7-zip\lang\lij.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\appxsignature.p7x svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxmailapplist.targetsize-80.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\core\dev\nls\nb-no\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weatherimages\210x173\9.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\assets\skypeapplist.targetsize-32_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\home\widetile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxspeechtotextoverlay_1.14.2002.0_neutral_~_8wekyb3d8bbwe\appxmetadata\appxbundlemanifest.xml svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\move.svg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_x64__8wekyb3d8bbwe\assets\peopleapplist.targetsize-20.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorapplist.targetsize-64_altform-unplated.png svchost.exe File opened for modification C:\program files\videolan\vlc\lua\http\css\ui-lightness\images\ui-icons_ffffff_256x240.png svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\advertisement\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\car\rtl\contrast-black\medtile.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sample-files\js\nls\ru-ru\ui-strings.js svchost.exe File created C:\program files\videolan\vlc\locale\ia\lc_messages\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\assets\photosapplist.targetsize-60_altform-colorize.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxspeechtotextoverlay_1.14.2002.0_x64__8wekyb3d8bbwe\appxsignature.p7x svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\combinepdf\images\example_icons2x.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\en-us\ct_roots.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\8576_40x40x32.png svchost.exe File created C:\program files\windowsapps\microsoft.xboxidentityprovider_11.19.19003.0_x64__8wekyb3d8bbwe\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\microsoftaccount.scale-140.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\microsoft.xbox.smartglass.controls\msaauthenticatorview.xaml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_x64__8wekyb3d8bbwe\assets\contrast-white\peopleapplist.targetsize-48.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\assets\photosmedtile.contrast-black_scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_neutral_resources.scale-150_8wekyb3d8bbwe\assets\contrast-black\smalllogo.scale-150_contrast-black.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\createpdfupsell-app\images\themes\dark\rhp_world_icon_2x.png svchost.exe File opened for modification C:\program files (x86)\windowspowershell\modules\pester\3.4.0\functions\assertions\matchexactly.tests.ps1 svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\images\stickers\sticker_cloud.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\alarmsapplist.targetsize-20.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\runninglate.scale-64.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\createpdfupsell-app\js\nls\es-es\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-application.jar svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\core\dev\nls\fi-fi\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\unified-share\js\nls\en-ae\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.zunemusic_10.16112.11621.0_neutral_resources.scale-125_8wekyb3d8bbwe\assets\contrast-white\applist.scale-125_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\catalog\shape_cylinder.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxmailsplashlogo.scale-300.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\createpdf.svg svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\localized_images\pl-pl\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\lib\locale\org-openide-util-lookup_zh_cn.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenotesectiongroupwidetile.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\6584_32x32x32.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\search-summary\js\nls\ro-ro\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\mx_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxaccountssplashlogo.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\applist.targetsize-96.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\acroapp\enu\unifiedshare.aapp svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\tracker\turnonnotificationintray.gif svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\jre\lib\resources.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_neutral_split.scale-180_8wekyb3d8bbwe\assets\office\settle.scale-180.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\animations\onenotefre_createnotes_rtl_phone.mp4 svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenotepagesmalltile.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-black\mapsapplist.targetsize-40.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\fileextension.targetsize-129.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\reviews\js\nls\it-it\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sample-files\js\nls\nb-no\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\images\themeless\appstore\download_on_the_app_store_badge_nb_135x40.svg svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.zunevideo_10.16112.11601.0_neutral_resources.scale-125_8wekyb3d8bbwe\assets\widelogo.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\office\move.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themepreview\themes\fable.jpg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\core\dev\nls\fr-fr\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\release svchost.exe File created C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\work\rtl\contrast-white\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\lumia.viewerplugin\relivesurfaces\video\relivevideocontrol.xaml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\assets\getstartedapplist.targetsize-96_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\li_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-white\storeapplist.targetsize-96.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\contrast-black\largelogo.scale-100_contrast-black.png svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\hr-hr\tipresx.dll.mui svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.core.databinding_1.4.2.v20140729-1044.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\appxmetadata\codeintegrity.cat svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\images\stickers\thumbnails\sticker_icon_lollipop.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\images\printandshare\glyph_0xe7da.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\searchemail.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\fi_get.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\s_delete_18.svg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\bing.immersive\shaders\simplecubeshader-downlevel.ps svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\assets\windowsicons\windowscameraapplist.targetsize-60.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\s_removeme-default_18.svg svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\js\nls\it-it\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\s_ellipses_selected.svg svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\exportpdfupsell-app\js\nls\hu-hu\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\exportpdfupsell-app\js\nls\zh-tw\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\en-us\flicklearningwizard.exe.mui svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\catalog\gimblekeychain.3mf svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftstickynotes_1.4.101.0_x64__8wekyb3d8bbwe\microsoft.system.package.metadata\resources.44828b84.pri svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\avatars.winmd svchost.exe File created C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.equinox.p2.rcp.feature_1.2.0.v20140523-0116\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowscamera_2017.125.40.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\windowsicons\windowscameraapplist.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\bv_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\assets\photosapplist.targetsize-30_altform-fullcolor.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenoteapplist.targetsize-30_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\ao_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_x64__8wekyb3d8bbwe\microsoft.people.relevance.winmd svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\createpdfupsell-app\js\nls\ru-ru\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-recent-files\js\nls\zh-tw\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowsapps\deletedalluserpackages\microsoft.xboxapp_25.25.13009.0_neutral_split.scale-200_8wekyb3d8bbwe\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\assets\windowsicons\windowscameraapplist.contrast-black_targetsize-20.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\createpdfupsell-app\images\example_icons.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\editpdf\js\nls\sk-sk\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\p2\org.eclipse.equinox.p2.core\cache\binary\com.oracle.jmc.executable.win32.win32.x86_64_5.5.0 svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\gameplayassets\localization\localized_sr-latn-cs.respack svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\8196_24x24x32.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\unified-share\js\nls\cs-cz\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.themes.nl_zh_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.dailychallenges\assets\particles.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\classic\classic_13d.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\search-summary\js\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\work\ltr\medtile.scale-125.png svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\sharpdxengine\rendering\shaders\builtin\hlsl\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowsapps\microsoft.people_10.1.10531.0_x64__8wekyb3d8bbwe\microsoft.system.package.metadata\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\assets\skypemedtile.scale-200_contrast-black.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\images\themes\dark\illustrations.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\images\cstm_brand_preview.png svchost.exe File created C:\program files\java\jdk1.8.0_66\db\lib\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\resources.pri svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\dailychallenges\icons\tripeaks.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\outlookmaillargetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\assets\insiderhubapplist.targetsize-64.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\signatures\js\nls\de-de\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\manifestassets\contrast-black\icon.targetsize-256.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\assets\getstartedapplist.targetsize-40_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenotenotebooksmalltile.scale-150.png svchost.exe File opened for modification C:\program files\windowspowershell\modules\pester\3.4.0\functions\context.ps1 svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.emf.common_2.10.1.v20140901-1043.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\jumbo\mask\1c.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftstickynotes_1.4.101.0_x64__8wekyb3d8bbwe\assets\square71x71logo.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.net.native.framework.1.3_1.3.24201.0_x86__8wekyb3d8bbwe\logo.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\traffichub\medtile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoft3dviewer_1.1702.21039.0_x64__8wekyb3d8bbwe\assets\images\tiles\square150x150logo.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\7656_40x40x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_neutral_split.scale-180_8wekyb3d8bbwe\assets\office\deselectall.scale-180.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\storelogo.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenotenotebooksmalltile.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\oneconnectlargetile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\worldclocksmalltile.contrast-black_scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorapplist.targetsize-256_altform-unplated_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxmailwidetile.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxcalendarbadge.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\app-center\js\nls\pt-br\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\assets\getstartedapplist.targetsize-16_altform-unplated_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\beach\beach_13s.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\s_gridview_selected-hover.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\ob-preview\css\main.css svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\js\nls\zh-cn\ui-strings.js svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.xaml.toolkit\assets\buttons\menu\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxa-google.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxa-exchange.scale-400.png svchost.exe File opened for modification C:\program files\java\jre1.8.0_66\lib\ext\nashorn.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\appxsignature.p7x svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftstickynotes_1.4.101.0_x64__8wekyb3d8bbwe\assets\square44x44logo.targetsize-48_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\5601_20x20x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\assets\skypeassets-regular.ttf svchost.exe File opened for modification C:\program files\windowsapps\microsoft.storepurchaseapp_1.0.45.0_x64__8wekyb3d8bbwe\assets\storelogo.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxgameoverlay_1.15.2003.0_neutral_split.scale-100_8wekyb3d8bbwe\appxblockmap.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\musicvideosdialogbackground.jpg svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\alarmsapplist.scale-125.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-files\images\bg_patterns_header.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sample-files\js\nls\de-de\ui-strings.js svchost.exe File created C:\program files (x86)\common files\adobe\acrobat\activex\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\home\rtl\medtile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\howtoplay\dailychallenges\tile3_diamond.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\work\ltr\smalltile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.xboxapp_25.25.13009.0_neutral_split.scale-200_8wekyb3d8bbwe\assets\gamesxboxhubsplashscreen.scale-200_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\xboxcontrol\defaultavatar.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_x64__8wekyb3d8bbwe\microsoft.apps.messaging.external.winmd svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\lumia.videotk\invertcoloreffectps_y.cso svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\linkedinboxsmalltile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\sharpdxengine\rendering\shaders\builtin\hlsl\constantsperobjectlighted.fx svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\contrast-black\oneconnectwidetile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\us_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\3007_40x40x32.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowscamera_2017.125.40.0_neutral_split.scale-200_8wekyb3d8bbwe\assets\windowsicons\windowscameralargetile.contrast-black_scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\beach\mask\11s.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\alarmsapplist.contrast-white_targetsize-16_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoft3dviewer_1.1702.21039.0_x64__8wekyb3d8bbwe\resources.pri svchost.exe File opened for modification C:\program files\common files\system\ado\msado21.tlb svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\contrast-white\apppackagesplashscreen.scale-125_contrast-white.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\reviews\js\nls\es-es\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_neutral_split.scale-150_8wekyb3d8bbwe\assets\starttile.wink.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\voicerecordermedtile.contrast-white_scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\aicuc\js\nls\root\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer-select\js\nls\eu-es\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorapplist.contrast-white_targetsize-64.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\1849_40x40x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenotepagemedtile.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-black\mapsapplist.targetsize-64_altform-unplated.png svchost.exe File created C:\program files (x86)\windows portable devices\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenoteapplist.targetsize-30_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\1725_32x32x32.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer\js\nls\sl-si\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\send-for-sign\js\nls\ko-kr\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\videolan\vlc\locale\ko\lc_messages\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\256x256.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\s_empty_state.svg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\resources\topicpage\core_rtl.css svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-white\storeapplist.targetsize-256.png svchost.exe File opened for modification C:\program files\windowspowershell\modules\microsoft.powershell.operation.validation\1.0.1\microsoft.powershell.operation.validation.psm1 svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\js\nls\it-it\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\reviews\js\nls\zh-cn\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\unified-share\js\nls\pt-br\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.core.databinding.nl_ja_4.4.0.v20140623020002.jar svchost.exe File created C:\program files\videolan\vlc\locale\ps\lc_messages\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\manifestassets\square44x44logo.targetsize-24_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_neutral_split.scale-200_8wekyb3d8bbwe\assets\getstartedapplist.scale-200_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\assets\audio\incoming_contacts.wav svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\mf_16x11.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\large_trefoil.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\js\nls\sk-sk\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\xboxservices.config svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\images\stickers\thumbnails\sticker_icon_concrete.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\fonts\mapsmdl2.2.01.ttf svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\plug_ins\reflow.api svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\win-scrollbar\arrow-down.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-profiling.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\spacer\3px.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\back-arrow-default.svg svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\pages-app\js\plugins\rhp\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\send-for-sign\js\nls\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\worldclockwidetile.scale-125.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\s_reject_18.svg svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\send-for-sign\js\nls\hu-hu\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\sl_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\traffichub\contrast-white\largetile.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\core\dev\nls\pt-br\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\js\nls\ko-kr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer-select\js\nls\nl-nl\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-modules-favorites_ja.jar svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowssoundrecorder_10.1702.301.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\voicerecorderapplist.contrast-white_scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\large\mooning.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\ki_60x42.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer\js\nls\ja-jp\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\org-netbeans-api-progress.jar svchost.exe File opened for modification C:\program files\java\jre1.8.0_66\lib\flavormap.properties svchost.exe File created C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\home\rtl\contrast-black\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\s_gridview_selected.svg svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ui.sdk.nl_ja_4.4.0.v20140623020002.jar svchost.exe File created C:\program files\java\jre1.8.0_66\lib\amd64\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\6440_40x40x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\exchangesmalltile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\assets\insiderhubapplist.targetsize-80.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\combinepdf\js\nls\eu-es\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\reference assemblies\microsoft\framework\v3.5\subsetlist\client.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\aquarium\mask\1s.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\combinepdf\js\nls\fr-fr\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\common files\adobe\reader\dc\linguistics\providers\plugins2\adobehunspellplugin\dictionaries\en_gb\en_gb.dic svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowssoundrecorder_10.1702.301.0_neutral_split.scale-200_8wekyb3d8bbwe\assets\voicerecordermedtile.contrast-white_scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxmailapplist.targetsize-16.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\js\plugin.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\reviews\js\nls\sv-se\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxmailwidetile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_neutral_split.scale-100_kzf8qxf38zg5c\skypeapp\assets\skypelargetile.scale-100_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\assets\skypeapplist.scale-200_contrast-black.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\send-for-sign\js\nls\pt-br\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\license.html svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\lib\org-openide-util.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\texturebitmaps\oak.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\dj_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\5664_20x20x32.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\jre\lib\psfont.properties.ja svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-openide-util-lookup.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weather_tilesmallsquare.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\contrast-white\apppackagesmalltile.scale-125_contrast-white.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\plug_ins\digsig.api svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\jre\lib\deploy\messages_ko.properties svchost.exe File created C:\program files\videolan\vlc\locale\tr\lc_messages\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxmailbadge.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-white\mapsapplist.targetsize-24_altform-unplated_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\icons\privacy_policy.png svchost.exe File created C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\icons\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowsapps\deletedalluserpackages\microsoft.windows.photos_16.511.8780.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\alarmsapplist.contrast-white_targetsize-60.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\exportpdfupsell-app\js\nls\pl-pl\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_x64__8wekyb3d8bbwe\tee\generic.messaging.config svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\2210_24x24x32.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\reviews\images\themes\dark\cstm_brand_preview2x.png svchost.exe File opened for modification C:\program files\7-zip\lang\hy.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.nl_ja_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-white\mapsapplist.targetsize-16_altform-unplated_contrast-white.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\tracker\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\lightblue.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weatherimages\210x173\82.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\content\hololens\en-us\doc_offline_wifi.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\contrast-black\applist.targetsize-72_contrast-black.png svchost.exe File created C:\program files\videolan\vlc\locale\hu\lc_messages\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\howtoplay\starclub\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\largelogo.scale-100.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\exportpdfupsell-app\js\nls\sl-si\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\meta-inf\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\lib\locale\org-openide-util_ja.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\home\ltr\smalltile.scale-100.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\org-netbeans-modules-sampler.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\10911_36x36x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\649_20x20x32.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\pdf-ownership-rdr-ja_jp_2x.gif svchost.exe File created C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_neutral_split.scale-150_8wekyb3d8bbwe\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\gameplayassets\commonassets.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\mk_60x42.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\img\tools\@1x\themes\dark\[email protected] svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.nl_ja_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\meta-inf\eclipse_.sf svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\orb.idl svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenotenotebookwidetile.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\search-summary\js\nls\sl-si\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.repository.nl_ja_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\texturebitmaps\cork.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\exchangebadge.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\assets\insiderhubapplist.targetsize-32.png svchost.exe File created C:\program files\windowsapps\microsoft.xboxgameoverlay_1.15.2003.0_x64__8wekyb3d8bbwe\assets\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\1494870c-9912-c184-4cc9-b401-a53f4d8de290.pdf svchost.exe File opened for modification C:\program files\msbuild\microsoft\windows workflow foundation\v3.0\workflow.targets svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themepreview\themes\aquarium.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\assets\gamesxboxhubapplist.targetsize-256_altform-unplated_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\assets\idpvalueassets\gamedvrvalueprop.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\js\nls\fr-fr\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\appxblockmap.xml svchost.exe File created C:\program files\windowsapps\microsoft.zunevideo_2019.16112.11601.0_neutral_~_8wekyb3d8bbwe\appxmetadata\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\manifestassets\square44x44logo.targetsize-24.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\apppackagestorelogo.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\sn_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\1937_36x36x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\images\stickers\thumbnails\sticker_icon_moon.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\1251_20x20x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\large\headbang.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer-select\js\nls\cs-cz\ui-strings.js svchost.exe File created C:\program files\msbuild\microsoft\windows workflow foundation\v3.5\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_x64__8wekyb3d8bbwe\tee\url.ot svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\jumbo\jumbo_12d.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\microsoft.system.package.metadata\s-1-5-21-1231583446-2617009595-2137880041-1000-mergedresources-0.pri svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxa-googlecloudcache-light.scale-140.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\place\rtl\contrast-black\widetile.scale-100.png svchost.exe File opened for modification C:\program files\windowspowershell\modules\pester\3.4.0\license svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\ccloud.png svchost.exe File created C:\program files\windowsapps\microsoft.messaging_3.2.24002.0_neutral_~_8wekyb3d8bbwe\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_neutral_split.scale-100_kzf8qxf38zg5c\skypeapp\assets\skypetile.scale-100_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\6124_24x24x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\assets\gamesxboxhubapplist.targetsize-32_contrast-high.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\combinepdf\js\nls\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\videolan\vlc\lua\sd\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\apppackageapplist.targetsize-30.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\icons\icon_newdeal.png svchost.exe File created C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\en-us\pages\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\common files\microsoft shared\clicktorun\officeupdateschedule.xml svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\timersmalltile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_neutral_~_8wekyb3d8bbwe\appxsignature.p7x svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\western\mask\13d.png svchost.exe File created C:\program files\windowsapps\microsoft.microsoftstickynotes_1.4.101.0_x64__8wekyb3d8bbwe\microsoft.system.package.metadata\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\models\it-it.phonenumber.model svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\img\tools\circle_2x.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\generic-rhp-app\images\themes\dark\rhp_world_icon_2x.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification.zh_cn_5.5.0.165303.jar svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.zunemusic_10.16112.11621.0_neutral_resources.scale-125_8wekyb3d8bbwe\assets\largelogo.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\images\stickers\sticker_teethsmile.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_x64__8wekyb3d8bbwe\assets\contrast-black\oneconnectapplist.targetsize-72.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\tv_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\logo.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxa-exchange.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxcalendarapplist.targetsize-48_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenotepagelargetile.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\nz_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\outlookmailmediumtile.scale-200.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\createpdfupsell-app\js\nls\nl-nl\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\highbeamcardlogo.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\walk-through\js\nls\es-es\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\apptiles\contrast-black\weather_splashscreen.scale-100.png svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\collections\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\acroapp\enu\viewer.aapp svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\s_illuemptyfolder_160.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\app\dev\nls\zh-tw\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weathericons\30x30\175.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.starclub\assets\sounds\starunlock_d.wav svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.xaml.toolkit\assets\buttons\menu\menu-press.png svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\car\rtl\contrast-black\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\car\ltr\contrast-black\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer-select\js\nls\hr-hr\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\car\ltr\smalltile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\offsyml.ttf svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\tracker\turnoffnotificationinacrobat.gif svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\js\nls\sl-si\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\desktop-connector-files\js\nls\de-de\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\images\ratings\yelp10.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.zunemusic_10.16112.11621.0_neutral_resources.scale-125_8wekyb3d8bbwe\assets\contrast-white\smalllogo.scale-125_contrast-white.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\rename.svg svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.diagnostic.ja_5.5.0.165303.jar svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-jmx_ja.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\timersmalltile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\alarmsapplist.contrast-black_targetsize-64_altform-unplated.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\localized_images\ru-ru\playstore_icon.svg svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ui.sdk.scheduler.nl_ja_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\videolan\vlc\lua\http\mobile.html svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.starclub\assets\stripes\newcollection.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\_resources\4.rsrc svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\files\dev\nls\zh-tw\ui-strings.js svchost.exe File created C:\program files\common files\microsoft shared\stationery\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\include\win32\jawt_md.h svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\com.jrockit.mc.feature.rcp_5.5.0.165303\feature.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenotesectiongroupmedtile.scale-125.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\add-account\js\nls\tr-tr\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\paintstudio.viewmodel.winmd svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\2_24x24x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\ec_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\tj_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxcalendarapplist.targetsize-48.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\images\themeless\playstore\it_get.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sign-services-auth\js\nls\uk-ua\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.win32.win32.x86_64_1.1.200.v20141007-2033\meta-inf\manifest.mf svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\content\surfacehub\en-gb\toc.xml svchost.exe File opened for modification C:\program files (x86)\windows media player\en-us\setup_wm.exe.mui svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\meta-inf\eclipse_.sf svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\calculatorstorelogo.contrast-black_scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxa-yahoo-dark.scale-300.png svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\place\contrast-white\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowspowershell\modules\pester\3.4.0\functions\assertions\should.tests.ps1 svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\pages-app\js\nls\sv-se\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\feature.properties svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.zunevideo_10.16112.11601.0_neutral_resources.scale-200_8wekyb3d8bbwe\assets\smalllogo.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\howtoplay\spider\goal_5.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenotesmalltile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\ml_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\2875_24x24x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\linkedinboxsmalltile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\voicerecorderapplist.contrast-black_targetsize-72.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\editpdf\js\nls\pt-br\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.text.nl_zh_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themecreation\edit.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_neutral_split.scale-100_8wekyb3d8bbwe\resources.pri svchost.exe File opened for modification C:\program files (x86)\common files\adobe\reader\dc\linguistics\providers\plugins2\adobehunspellplugin\supplementaldictionaries\en_ca\excluded.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\include\jvmti.h svchost.exe File created C:\program files\videolan\vlc\locale\zh_cn\lc_messages\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_neutral_split.scale-100_kzf8qxf38zg5c\appxsignature.p7x svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxa-yahoo-light.scale-150.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\signatures\js\nls\fr-fr\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\icons\klondike_icon.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\logos\square310x310\paintlargetile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\10909_24x24x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenotesectiongrouplargetile.scale-125.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\sign-in.png svchost.exe File created C:\program files (x86)\google\update\install\{8468f825-eacb-4d96-85a6-45d4d3723223}\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\6440_32x32x32.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\js\nls\da-dk\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowssoundrecorder_10.1702.301.0_neutral_split.scale-200_8wekyb3d8bbwe\assets\voicerecordermedtile.contrast-black_scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\fable\fable_1h.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenotewidetile.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\outlookmailmediumtile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxcalendarsplashlogo.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\generic-rhp-app\js\nls\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\db\notice svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\license svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_2017.209.105.0_neutral_~_8wekyb3d8bbwe\appxsignature.p7x svchost.exe File created C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\apptiles\contrast-white\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\searchemail2x.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\signatures\js\nls\fr-fr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\work\ltr\largetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.xboxapp_25.25.13009.0_neutral_split.scale-125_8wekyb3d8bbwe\resources.pri svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\classic\mask\11h.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_x64__8wekyb3d8bbwe\_resources\0.rsrc svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-recent-files\js\nls\pt-br\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\uss-search\js\nls\zh-tw\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\jre\lib\management\management.properties svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\large\rock.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxa-google.scale-250.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\assets\insiderhubapplist.targetsize-16_altform-unplated.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\app\dev\nls\sv-se\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\7-zip\lang\sq.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\peopleapplist.scale-125.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\digsig\js\nls\nl-nl\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer-select\js\nls\es-es\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\images\themes\dark\illustrations_retina.png svchost.exe File opened for modification C:\program files\java\jre1.8.0_66\thirdpartylicensereadme.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\awards\freecell\on_parole_.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\assets\ensoui\id_arrow.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-netbeans-modules-autoupdate-ui.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\apppackageapplist.targetsize-24.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\western\mask\11d.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\task-handler\js\nls\fr-fr\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\unified-share\js\nls\ro-ro\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\1851_24x24x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenotepagesmalltile.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\tracker\server_issue.gif svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\aicuc\js\plugins\convertpdf-selector.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\thirdpartylicensereadme.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\aicuc\js\nls\nb-no\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\common files\microsoft shared\stationery\green bubbles.htm svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\stopwatchlargetile.contrast-white_scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\contrast-black\apppackageapplist.targetsize-20_altform-unplated_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\ba_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\worldclockwidetile.contrast-white_scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorapplist.contrast-black_targetsize-64.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\core\dev\nls\en-il\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\appxmanifest.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftofficehub_17.8010.5926.0_x64__8wekyb3d8bbwe\images\officehublogo_splash.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\lumia.viewerplugin\assets\iconeditrichcapture.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\win8-scrollbar\arrow-right.gif svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\app-center\js\nls\zh-tw\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\createpdfupsell-app\images\themes\dark\example_icons.png svchost.exe File opened for modification C:\program files\videolan\vlc\lua\meta\art\03_lastfm.luac svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\office\newscene.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\7813_24x24x32.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\signatures\images\s_listview_18.svg svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_zh_4.4.0.v20140623020002\feature.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxcalendarapplist.targetsize-24_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\winstore\resources\assets\rt_icons_cert_16.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\digsig\js\nls\hr-hr\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenotesectiongrouplargetile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_x64__8wekyb3d8bbwe\_resources\index.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\stopwatchwidetile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\voicerecorderapplist.contrast-white_targetsize-96_altform-unplated.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\app\dev\nls\en-ae\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\exportpdfupsell-app\js\nls\pt-br\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.garbagecollector.nl_zh_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\contrast-black\applist.targetsize-60_contrast-black.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\exportpdfupsell-app\js\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jre1.8.0_66\lib\fonts\lucidabrightregular.ttf svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\assets\getstartedapplist.targetsize-72_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\assets\insiderhubwidetile.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\cs_get.svg svchost.exe File created C:\program files\common files\microsoft shared\ink\he-il\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\license.html svchost.exe File opened for modification C:\program files\mozilla firefox\browser\features\[email protected] svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\contrast-black\apppackagebadgelogo.scale-200_contrast-black.png svchost.exe File created C:\program files\windowsapps\microsoft.people_10.1.10531.0_neutral_split.scale-100_8wekyb3d8bbwe\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\aicuc\js\nls\en-gb\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\beach\mask\12c.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftstickynotes_1.4.101.0_x64__8wekyb3d8bbwe\_resources\0.rsrc svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\apppackageapplist.targetsize-48.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\dailychallenges\smallklondiketile.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\bing.immersive\shaders\simplecubeshader.ps svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxcalendarapplist.targetsize-24.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.e4.ui.di.nl_ja_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\assets\photoslargetile.contrast-black_scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\ob-preview\css\main-selector.css svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\outlookmailwidetile.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\search-summary\js\nls\pl-pl\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\share.svg svchost.exe File created C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.e4.rcp_1.3.100.v20141007-2033\meta-inf\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\content\surfacehub\en-us\doc_offline_getconnected.xml svchost.exe File created C:\program files\windowsapps\microsoft.microsoft3dviewer_1.1702.21039.0_x64__8wekyb3d8bbwe\appxmetadata\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\large\coffee.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\winstore\resources\assets\rt_icons_fresh_16.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\applist.targetsize-64_altform-unplated.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.artifact.repository_1.1.300.v20131211-1531.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\bt_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_neutral_resources.scale-150_8wekyb3d8bbwe\resources.pri svchost.exe File opened for modification C:\program files (x86)\windowspowershell\modules\pester\3.4.0\functions\assertions\be.tests.ps1 svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_x64__8wekyb3d8bbwe\buildinfo.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\images\stickers\thumbnails\sticker_icon_eye.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\videos\help\flatfreehand3d.mp4 svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\aicuc\css\main.css svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\js\nls\pt-br\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\alarmsapplist.targetsize-60_altform-unplated.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\exportpdfupsell-app\images\themes\dark\rhp_world_icon_hover.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\fileicons\filelogoextensions.targetsize-256.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\howtoplay\game_menu.jpg svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\splashscreen\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\js\nls\es-es\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\search-summary\js\nls\en-ae\ui-strings.js svchost.exe File opened for modification C:\program files\windowspowershell\modules\pester\3.4.0\functions\new-fixture.ps1 svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\ipsdeu.xml svchost.exe File created C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.emf.ecore_2.10.1.v20140901-1043\meta-inf\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.net.native.runtime.1.4_1.4.24201.0_x64__8wekyb3d8bbwe\appxmetadata\codeintegrity.cat svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\2875_32x32x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\contrast-black\oneconnectbadgelogo.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\assets\mediumgray.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\_resources\1.rsrc svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer\js\nls\ui-strings.js svchost.exe File opened for modification C:\program files\videolan\vlc\locale\gl\lc_messages\vlc.mo svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\embossbitmaps\no symbol.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoft3dviewer_1.1702.21039.0_x64__8wekyb3d8bbwe\_resources\0.rsrc svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxa-yahoo-light.scale-400.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\desktop-connector-files\js\nls\en-gb\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\img\tools\dot.cur svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.xboxapp_25.25.13009.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\gamesxboxhubsmalltile.scale-125_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxidentityprovider_11.19.19003.0_x64__8wekyb3d8bbwe\assets\xbox_windows_logo-01.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\core\dev\nls\ca-es\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\activity-badge\js\nls\hu-hu\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\google\chrome\application\81.0.4044.129\locales\ko.pak svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\sr-latn-cs\mso.acl svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\large\inlove.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\send-for-sign\js\nls\zh-cn\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\_resources\2.rsrc svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\runninglate.scale-64.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\traffichub\contrast-white\smalltile.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer-select\js\nls\ro-ro\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\images\themeless\appstore.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\4583_32x32x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\5664_40x40x32.png svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\applist.targetsize-36_altform-unplated.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-recent-files\js\nls\nl-nl\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\common files\microsoft shared\ink\ko-kr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\texturebitmaps\wovenmat.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\gameplayassets\guidailychallenge.respack svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\coreengine\data\oildaubheight.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\contrast-white\oneconnectstorelogo.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\assets\photosapplist.contrast-black_targetsize-20.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\assets\gamesxboxhubapplist.targetsize-64_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_neutral_resources.scale-150_8wekyb3d8bbwe\resources.pri svchost.exe File created C:\program files (x86)\common files\adobe\helpcfg\en_us\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windows.photos_16.511.8780.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\photosmedtile.contrast-white_scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.zunemusic_10.16112.11621.0_neutral_resources.scale-125_8wekyb3d8bbwe\assets\contrast-black\logo.scale-125_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\content\desktop\en-us\doc_offline_speechrecognition.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\alarmsstorelogo.contrast-white_scale-200.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-modules-masterfs_zh_cn.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weathericons\30x30\195.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\contrast-black\apppackageapplist.targetsize-40_altform-unplated_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.net.native.framework.1.3_1.3.24201.0_x64__8wekyb3d8bbwe\appxmetadata\codeintegrity.cat svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\contrast-black\oneconnectstorelogo.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\s_filter-disabled_32.svg svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\en-us\tipresx.dll.mui svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-core-windows_ja.jar svchost.exe File opened for modification C:\program files (x86)\google\chrome\application\setupmetrics\20200430132944.pma svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.browser.jdp_5.5.0.165303.jar svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\lib\pop3.jar svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\profiler\modules\org-netbeans-modules-profiler-heapwalker.jar svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\task-handler\css\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\db\bin\networkservercontrol.bat svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowscamera_2017.125.40.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\windowsicons\windowscameramedtile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\assets\windowsicons\windowscameralargetile.contrast-black_scale-100.png svchost.exe File created C:\program files\windowsapps\microsoft.xboxspeechtotextoverlay_1.14.2002.0_neutral_~_8wekyb3d8bbwe\appxmetadata\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\contrast-black\applist.targetsize-30_altform-unplated_contrast-black.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\activity-badge\js\nls\zh-cn\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\videolan\vlc\locale\fi\lc_messages\vlc.mo svchost.exe File opened for modification C:\program files\windows defender\clientwmiinstall.mof svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\livetile\w2.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.dailychallenges\assets\popups\bronzebadgeearned.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_neutral_split.scale-140_8wekyb3d8bbwe\assets\office\settle.scale-140.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\aquarium\aquarium_background.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\linkedinboxmediumtile.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorapplist.targetsize-72.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\6701_40x40x32.png svchost.exe File opened for modification C:\program files (x86)\common files\adobe\reader\dc\linguistics\providers\plugins2\adobehunspellplugin\abbreviations\en_gb\list.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftofficehub_17.8010.5926.0_x64__8wekyb3d8bbwe\filesystemmetadata.xml.md svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\winstoretasks.winmd svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\sk-sk\tipresx.dll.mui svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\assets\getstartedapplist.targetsize-60_altform-unplated_contrast-white.png svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_neutral_split.scale-125_8wekyb3d8bbwe\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\apptiles\mapslargetile.scale-200.png svchost.exe File opened for modification C:\program files (x86)\common files\system\ado\msado28.tlb svchost.exe File created C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.win32.win32.x86_64_1.1.200.v20141007-2033\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\1851_32x32x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\large\thinking.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorapplist.contrast-white_targetsize-36.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\appxmetadata\codeintegrity.cat svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\appxsignature.p7x svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\home\images\files_icons2x.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\unified-share\js\nls\nl-nl\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\common files\adobe\reader\dc\linguistics\providers\plugins2\adobehunspellplugin\supplementaldictionaries\en_ca\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\viewer\nls\nl-nl\ui-strings.js svchost.exe File created C:\program files (x86)\reference assemblies\microsoft\framework\v3.0\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\place\largetile.scale-125.png svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\icons\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\1250_32x32x32.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\send-for-sign\js\nls\sl-si\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\appxmetadata\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxgameoverlay_1.15.2003.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\gamesxboxhubstorelogo.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\exportpdfupsell-app\css\main.css svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\images\download-btn.png svchost.exe File opened for modification C:\program files\java\jre1.8.0_66\lib\fonts\lucidabrightitalic.ttf svchost.exe File opened for modification C:\program files\requestclose.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\small\mooning.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\temporary_multiselect_24.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.http.jetty_3.0.200.v20131021-1843.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_neutral_split.scale-180_8wekyb3d8bbwe\assets\office\planecutkeepboth.scale-180.png svchost.exe File opened for modification C:\program files\videolan\vlc\locale\as_in\lc_messages\vlc.mo svchost.exe File created C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\digsig\js\nls\en-il\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\sh_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxmailapplist.targetsize-60.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\activity-badge\images\avatar.jpg svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\activity-badge\js\nls\ko-kr\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\app-center\js\nls\da-dk\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\search-summary\js\nls\zh-cn\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\uss-search\js\nls\fi-fi\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\texturebitmaps\bouquet.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_neutral_split.scale-200_8wekyb3d8bbwe\assets\getstartedsmalltile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\contrast-white\peoplesmalltile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\8576_32x32x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_2017.113.1250.0_neutral_~_8wekyb3d8bbwe\appxblockmap.xml svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\file_types\themes\dark\s_agreement_filetype.svg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenotesectionlargetile.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxcalendarapplist.targetsize-20_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_2017.130.1208.0_neutral_~_8wekyb3d8bbwe\appxmetadata\appxbundlemanifest.xml svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\addressbook2x.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\exportpdfupsell-app\js\nls\pl-pl\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\assets\highfive.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\exchangebadge.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\place\contrast-white\largetile.scale-100.png svchost.exe File created C:\program files\java\jdk1.8.0_66\lib\missioncontrol\configuration\org.eclipse.equinox.simpleconfigurator\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\linkedinboxmediumtile.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\voicerecorderapplist.contrast-black_targetsize-64_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\xboxapp.ui\resources\images\star_3qtr.png svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\en-us\mip.exe.mui svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-modules-progress-ui_ja.jar svchost.exe File opened for modification C:\program files\videolan\vlc\lua\playlist\vimeo.luac svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\alarmsbadge.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\app-center\js\nls\sl-si\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxmailapplist.targetsize-20_altform-unplated.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\images\themeless\appstore\download_on_the_app_store_badge_it_135x40.svg svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.osgi_3.10.1.v20140909-1633.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_neutral_split.scale-150_8wekyb3d8bbwe\appxblockmap.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\apppackageapplist.targetsize-24_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\1849_20x20x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\place\rtl\contrast-black\largetile.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer-select\js\nls\ca-es\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\ob-preview\js\nls\ja-jp\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.xboxapp_25.25.13009.0_neutral_split.scale-200_8wekyb3d8bbwe\assets\gamesxboxhubsplashscreen.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\gameend\endgame_blue_over.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxaccountssplashlogo.scale-180.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\plug_ins\acroform.api svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\task-handler\js\nls\pt-br\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ecf_3.4.0.v20140827-1444.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weathericons\30x30\150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenotesectionmedtile.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\assets\images\chat_spinner.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\mw_16x11.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\resource\font\zx______.pfb svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-heapdump_ja.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\assets\photosapplist.targetsize-80_altform-colorize.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\linkedinboxwidetile.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\5313_32x32x32.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sample-files\js\nls\ja-jp\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\livetile\7px.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenotemediumtile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\tf_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\microsoft.xbox.smartglass.controls\bridgedwebbrowser.xaml svchost.exe File created C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-white\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\assets\getstartedapplist.targetsize-60_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themepreview\effects\cherryblossoms.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\aquarium\mask\12h.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\aquarium\mask\1c.png svchost.exe File created C:\program files\windowsapps\microsoft.people_10.1.10531.0_x64__8wekyb3d8bbwe\assets\contrast-black\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\signatures\images\cstm_brand_preview.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\1251_32x32x32.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer\js\nls\ca-es\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\images\themeless\inline-error-1x.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\search-summary\js\nls\fr-fr\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\images\core_icons.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxa-advanced-dark.scale-100.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.browser.jdp.zh_cn_5.5.0.165303.jar svchost.exe File created C:\program files\mozilla firefox\browser\visualelements\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\alarmsapplist.contrast-white_targetsize-16.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\signatures\images\illustrations.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\js\nls\es-es\ui-strings.js svchost.exe File opened for modification C:\program files\mozilla firefox\update-settings.ini svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowssoundrecorder_10.1702.301.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\voicerecordersmalltile.contrast-black_scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxcalendarapplist.targetsize-24_altform-unplated.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\localized_images\fi-fi\playstore_icon.svg svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\stopwatchlargetile.contrast-black_scale-125.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\pages-app\js\nls\de-de\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\walk-through\images\checkmark.png svchost.exe File opened for modification C:\program files (x86)\windows defender\en-us\mpevmsg.dll.mui svchost.exe File opened for modification C:\program files\java\jre1.8.0_66\lib\deploy\messages.properties svchost.exe File opened for modification C:\program files\videolan\vlc\lua\http\vlm.html svchost.exe File opened for modification C:\program files\windowspowershell\modules\pester\3.4.0\bin\pester.bat svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer\images\themes\dark\icons_retina.png svchost.exe File opened for modification C:\program files\common files\microsoft shared\stationery\orangecircles.jpg svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-api_ja.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\awards\pyramid\treasure_chamber_unearned_small.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\assets\gamesxboxhubapplist.targetsize-40_altform-unplated_contrast-high.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_x64__8wekyb3d8bbwe\assets\contrast-white\peoplewidetile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\sa_60x42.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\s_checkbox_selected_18.svg svchost.exe File opened for modification C:\program files\java\jre1.8.0_66\lib\deploy\messages_ja.properties svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\contrast-black\logo.scale-100_contrast-black.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\exportpdfupsell-app\js\nls\it-it\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\catalog\traincarcaboose.3mf svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\jumbo\mask\1s.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\2494_32x32x32.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\illustrations_retina.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sample-files\assets\sample files\bus schedule.pdf svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\uss-search\js\nls\hr-hr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.equinox.p2.core.feature_1.3.0.v20140523-0116\feature.properties svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\windowsphonereservedappinfo.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\2_24x24x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\work\ltr\contrast-black\smalltile.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\file_types\share.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\generic-rhp-app\css\main.css svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\images\themes\dark\share_icons.png svchost.exe File created C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\work\ltr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_neutral_split.scale-100_8wekyb3d8bbwe\lumia.viewerplugin\assets\iconeditmoment.contrast-white_scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\ms.entertainment.common\resources\fonts\segmvr2.ttf svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\file_types\s_shared_single_filetype.svg svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\files\dev\nls\ro-ro\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\s_nextarrow_default.svg svchost.exe File opened for modification C:\program files (x86)\windowspowershell\modules\packagemanagement\1.0.0.1\packagemanagement.psd1 svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\larrow.gif svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\awards\klondike\ice_castle_unearned_small.png svchost.exe File created C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\assets\thankyou\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\exportpdfupsell-app\js\nls\zh-tw\ui-strings.js svchost.exe File opened for modification C:\program files\7-zip\lang\es.txt svchost.exe File created C:\program files\internet explorer\en-us\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\db\lib\derby.war svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\db\lib\derbylocale_ja_jp.jar svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\org-netbeans-swing-outline.jar svchost.exe File opened for modification C:\program files\videolan\vlc\locale\da\lc_messages\vlc.mo svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\4608_40x40x32.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-files\css\main.css svchost.exe File opened for modification C:\program files\7-zip\lang\et.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\feedbck2.gif svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowscamera_2017.125.40.0_neutral_split.scale-200_8wekyb3d8bbwe\assets\windowsicons\windowscameraapplist.contrast-white_scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\images\stickers\thumbnails\sticker_icon_owleye.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\kn_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\exchangelargetile.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.news\assets\newsbackground.html svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\is_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\exchangesmalltile.scale-400.png svchost.exe File created C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\xboxapp.telemetry\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenotesplashlogo.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\assets\photosapplist.contrast-black_targetsize-80.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\reviews\js\nls\fr-fr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\assets\getstartedapplist.targetsize-30.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\gameplayassets\localization\localized_tr-tr.respack svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\desktop-connector-files\js\nls\zh-tw\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\reduced_mode-2x.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\js\nls\pl-pl\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\images\email\dummy\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\windowspowershell\modules\powershellget\1.0.0.1\psmodule.psm1 svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\olh.htm svchost.exe File created C:\program files\java\jdk1.8.0_66\lib\visualvm\visualvm\core\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\linkedinboxmediumtile.scale-400.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\jre\bin\server\xusage.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-modules-autoupdate-cli_ja.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\manifestassets\contrast-black\square44x44logo.targetsize-48.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\manifestassets\square150x150logo.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\calculatormedtile.contrast-white_scale-100.png svchost.exe File opened for modification C:\program files\windowspowershell\modules\pester\3.4.0\functions\assertions\containexactly.tests.ps1 svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\uss-search\js\nls\sl-si\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\windowspowershell\modules\pester\3.4.0\functions\assertions\should.ps1 svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\voicerecorderapplist.contrast-black_targetsize-40_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\applist.targetsize-60.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer-select\images\themes\dark\file_icons.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\localized_images\zh-cn\appstore_icon.svg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\oneconnectmedtile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\6449_48x48x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxmailsmalltile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\voicerecorderlogoextensions.targetsize-16.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\libs\jquery.ui.touch-punch\0.2.2\jquery.ui.touch-punch.js svchost.exe File opened for modification C:\program files (x86)\google\chrome\application\81.0.4044.129\meipreload\manifest.json svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenoteapplist.targetsize-48_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_x64__8wekyb3d8bbwe\assets\contrast-black\oneconnectapplist.targetsize-40.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\car\rtl\contrast-white\smalltile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\home\contrast-black\widetile.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\desktop-connector-files\js\nls\fr-ma\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\send-for-sign\js\plugin.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\core\dev\nls\en-gb\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\resource\typesupport\unicode\mappings\win\cp1257.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\10178_48x48x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\timerlargetile.contrast-black_scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\fileextension.targetsize-256.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\classic\mask\12s.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\voicerecorderapplist.contrast-white_targetsize-32.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\files\dev\nls\sk-sk\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\add-account\images\illustrations.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\db\bin\setembeddedcp.bat svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_neutral_split.scale-150_8wekyb3d8bbwe\assets\starttile.dualsim1.wink.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\buttons\deal\new-deal-up.png svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\gameplayassets\spider\respacks\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_x64__8wekyb3d8bbwe\appxsignature.p7x svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxcalendarlargetile.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\styling\css\phonelight.css svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\combinepdf\css\main-selector.css svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\signatures\js\nls\ru-ru\ui-strings.js svchost.exe File created C:\program files\java\jdk1.8.0_66\jre\lib\amd64\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windows.photos_16.511.8780.0_neutral_split.scale-125_8wekyb3d8bbwe\resources.pri svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\small\dancing.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\assets\gamesxboxhublargetile.scale-100_contrast-white.png svchost.exe File created C:\program files\common files\system\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\images\stickers\sticker_mouseear.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\mobile\mobile_13h.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxa-google.scale-250.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxmailapplist.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-white\storesmalltile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowscamera_2017.125.40.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\windowsicons\windowscameralargetile.scale-125.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\reviews\js\nls\root\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\1914_24x24x32.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\pdf-ownership-rdr-fr_fr.gif svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\js\nls\ko-kr\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\signatures\js\nls\nb-no\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-modules-sendopts_ja.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\outlookmailbadge.scale-400.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\com.jrockit.mc.feature.rcp.zh_cn_5.5.0.165303\feature.properties svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\images\stickers\sticker_eyelookingup.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\core\dev\nls\sl-si\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\assets\windowsicons\windowscameraapplist.contrast-white_targetsize-36.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\6449_72x72x32.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\createpdfupsell-app\js\plugins\rhp\createpdfupsell-app-tool-view.js svchost.exe File opened for modification C:\program files\windows media player\media renderer\renderingcontrol_dmp.xml svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windows.photos_16.511.8780.0_neutral_split.scale-125_8wekyb3d8bbwe\appxblockmap.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weathericons\30x30\202.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\livetiles\microsoftsolitaireapplist.targetsize-96_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\western\mask\cardback.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\xk_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\appcs\assets\phtomdl2.1.61.ttf svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxgameoverlay_1.15.2003.0_x64__8wekyb3d8bbwe\microsoft.system.package.metadata\resources.38e1ccbd.pri svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-files\js\nls\sl-si\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\images\themeless\playstore\sk_get.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\send-for-sign\images\themes\dark\progress.gif svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.skypeapp_11.8.204.0_neutral_split.scale-125_kzf8qxf38zg5c\skypeapp\assets\skypeapplist.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\place\contrast-black\widetile.scale-125.png svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.dailychallenges\assets\progressbar\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\small\nod.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\gy_16x11.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\acrocef\icudtl.dat svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\images\themeless\appstore\download_on_the_app_store_badge_da_135x40.svg svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-jmx.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftstickynotes_1.4.101.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\yellowabstractnote.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenoteapplist.targetsize-40_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\4774_32x32x32.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\aicuc\js\nls\en-gb\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\search-summary\js\nls\ko-kr\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\common files\microsoft shared\stationery\green bubbles.htm svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\winclassictsframe.png svchost.exe File opened for modification C:\program files\windows nt\tabletextservice\tabletextservicedayi.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\desktop-connector-files\js\nls\hu-hu\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\editpdf\images\rhp_world_icon.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\search-summary\js\nls\en-ae\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\send-for-sign\images\themes\dark\faf_icons.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.e4.ui.model.workbench.nl_ja_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-core-io-ui_ja.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\card_shadow_big.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\bs_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.storepurchaseapp_1.0.454.0_neutral_~_8wekyb3d8bbwe\appxmetadata\appxbundlemanifest.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxcalendarapplist.scale-200.png svchost.exe File created C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\place\contrast-white\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\texturebitmaps\walnut.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\small\lipssealed.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\apptiles\storewidetile.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\desktop-connector-files\js\nls\zh-tw\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\exportpdfupsell-app\js\nls\hu-hu\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.zunevideo_10.16112.11601.0_neutral_resources.scale-125_8wekyb3d8bbwe\assets\contrast-black\applist.scale-125_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\lumia.videotk\alphablendingeffectps_bgra.cso svchost.exe File opened for modification C:\program files\windows defender\en-us\protectionmanagement.dll.mui svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenotepagesmalltile.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\6454_48x48x32.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\createpdfupsell-app\js\nls\zh-tw\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\uss-search\js\nls\cs-cz\ui-strings.js svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\fr-fr\tipresx.dll.mui svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\place\rtl\contrast-white\medtile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-white\mapsapplist.targetsize-20_altform-unplated_contrast-white.png svchost.exe File created C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\home\rtl\contrast-white\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowsapps\microsoft.windowsalarms_2017.203.236.0_neutral_~_8wekyb3d8bbwe\appxmetadata\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\voicerecorderapplist.contrast-black_targetsize-80_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-black\storeapplist.targetsize-60.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ql.nl_zh_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\work\contrast-white\widetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.dailychallenges\assets\prizehistory\awards_bronze.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\fo_60x42.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\tracker\review_browser.gif svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowscamera_2017.125.40.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\windowsicons\windowscamerasmalltile.contrast-white_scale-125.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\jre\lib\meta-index svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\org-netbeans-api-annotations-common.jar svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\home\smalltile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\tk_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\2876_20x20x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\appxmetadata\codeintegrity.cat svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.intro_3.4.200.v20130326-1254.jar svchost.exe File created C:\program files\videolan\vlc\plugins\logger\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\digsig\images\s_checkbox_selected_18.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\images\themeless\playstore\sv_get.svg svchost.exe File opened for modification C:\program files\videolan\vlc\locale\fur\lc_messages\vlc.mo svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.xaml.toolkit\assets\buttons\menu\menu-over.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\photosmedtile.scale-100.png svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\work\rtl\contrast-white\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\pdfsigqformalrep.pdf svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\apppackagemedtile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\livetiles\microsoftsolitaireapplist.targetsize-64_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\images\blankimage.png svchost.exe File opened for modification C:\program files (x86)\google\chrome\application\81.0.4044.129\locales\ml.pak svchost.exe File opened for modification C:\program files\7-zip\descript.ion svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\collections\contrast-black\largetile.scale-100_contrast-black.png svchost.exe File opened for modification C:\program files (x86)\windowspowershell\modules\pester\3.4.0\functions\setupteardown.tests.ps1 svchost.exe File opened for modification C:\program files\videolan\vlc\lua\playlist\appletrailers.luac svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.dailychallenges\assets\tab\tabmaster.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenoteapplist.targetsize-60_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\alarmswidetile.contrast-black_scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\car\rtl\contrast-white\medtile.scale-125.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer-select\js\nls\sk-sk\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\send-for-sign\images\sfs_icons.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_neutral_split.scale-150_8wekyb3d8bbwe\assets\starttile.dualsim2.smile.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\tn_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\apptiles\mapsapplist.targetsize-24_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\assets\getstartedapplist.targetsize-256_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenotesplashlogo.scale-150.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\error-icon.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\reviews\images\themes\dark\s_thumbnailview_18.svg svchost.exe File opened for modification C:\program files\windows defender\amstatusinstall.mof svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_neutral_split.scale-180_8wekyb3d8bbwe\assets\office\booleansubtract.scale-180.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\exportpdfupsell-app\js\nls\ko-kr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\tracker\review_shared.gif svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxmailwidetile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxmailsplashlogo.scale-150.png svchost.exe File opened for modification C:\program files (x86)\common files\adobe\reader\dc\linguistics\providers\plugins2\adobehunspellplugin\dictionaries\en_ca\en_ca.aff svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\apptiles\contrast-black\weather_tilewide.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\cd_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorapplist.contrast-white_targetsize-256.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\assets\windowsicons\windowscameraapplist.targetsize-72.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxcalendarsmalltile.scale-125.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\reviews\js\nls\fi-fi\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\unified-share\js\nls\cs-cz\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.zunemusic_10.16112.11621.0_neutral_resources.scale-125_8wekyb3d8bbwe\assets\contrast-white\widelogo.scale-125_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\bb_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorapplist.contrast-black_targetsize-16.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatormedtile.contrast-white_scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\outlookmailbadge.scale-100.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\aicuc\js\nls\it-it\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\flickanimation.avi svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-api-caching.xml svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\home\ltr\medtile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\fireworks\fireworks3.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\howtoplay\klondike\tips_5.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\howtoplay\pyramid\tips_3.jpg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\unified-share\images\searchemail2x.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\contrast-white\oneconnectapplist.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\dismiss.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsfeedbackhub_1.1612.10312.0_neutral_split.scale-125_8wekyb3d8bbwe\appxsignature.p7x svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxmailmediumtile.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\collections\contrast-black\largetile.scale-200_contrast-black.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\reviews\js\nls\fi-fi\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\google\chrome\application\master_preferences svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-white\weather_logosmall.targetsize-24.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\ob-preview\images\themeless\forms_poster.jpg svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.emf.ecore.change_2.10.0.v20140901-1043.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\lumia.videotk\convertps_nv12tobgra.cso svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\js\nls\ja-jp\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.net.native.framework.1.3_1.3.24201.0_x86__8wekyb3d8bbwe\appxsignature.p7x svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\td_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatormedtile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\6486_32x32x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.xaml.toolkit\assets\buttons\menu\menu_back-pressed.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\awards\challenge\go-for_the_gold_unearned_small.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\large\puking.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\alarmsbadge.contrast-white_scale-200.png svchost.exe File opened for modification C:\program files\mozilla firefox\firefox.exe.sig svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\im_60x42.png svchost.exe File created C:\program files\windows nt\tabletextservice\en-us\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_x64__8wekyb3d8bbwe\assets\oneconnectlargetile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\hr_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorapplist.targetsize-30_altform-unplated.png svchost.exe File opened for modification C:\program files\videolan\vlc\lua\meta\art\00_musicbrainz.luac svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.news\assets\news_button_down.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\en-gb\onenote_whatsnew.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\photosapplist.contrast-black_scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\generic-rhp-app\images\themes\dark\example_icons.png svchost.exe File created C:\program files (x86)\reference assemblies\microsoft\framework\v3.5\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowscamera_2017.125.40.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\windowsicons\windowscameraapplist.contrast-black_scale-125.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\s_reminders_18.svg svchost.exe File created C:\program files (x86)\common files\adobe\arm\1.0\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\howtoplay\freecell\goal_3.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\assets\windowsicons\windowscameraapplist.contrast-white_targetsize-80.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\voicerecorderapplist.contrast-black_targetsize-48.png svchost.exe File created C:\program files\windowsapps\microsoft.xboxgameoverlay_1.15.2003.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\s_checkbox_selected_18.svg svchost.exe File opened for modification C:\program files\windows defender\en-us\protectionmanagement.mfl svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\assets\getstartedapplist.targetsize-24_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\voicerecordersmalltile.contrast-black_scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\activity-badge\js\nls\tr-tr\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\linkedinboxwidetile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\apptiles\mapsapplist.targetsize-60_altform-unplated.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\localized_images\ru-ru\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\resource\typesupport\unicode\icu\icudt26l.dat svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weathericons\30x30\27.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\contrast-black\peoplelargetile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\work\rtl\smalltile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_neutral_resources.scale-150_8wekyb3d8bbwe\assets\contrast-black\smalllogo.scale-150_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\assets\getstartedapplist.targetsize-40_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\mainpagestate2\pyramid_bp_920.jpg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\s_invite_24.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\search-summary\js\nls\tr-tr\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\windowspowershell\modules\pester\3.4.0\functions\assertions\pesterthrow.tests.ps1 svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\car\rtl\contrast-black\largetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\embossbitmaps\wave.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\assets\skype_titlebar_logo.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\_resources\18.rsrc svchost.exe File opened for modification C:\program files\windowspowershell\modules\pester\3.4.0\functions\assertions\matchexactly.ps1 svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\apple-touch-icon-57x57-precomposed.png svchost.exe File opened for modification C:\program files\videolan\vlc\locale\en_gb\lc_messages\vlc.mo svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\nl_60x42.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-recent-files\js\nls\pl-pl\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\assets\thankyou\genericenglish-2.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\appcore\location\shifter\relicensing statement.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\work\contrast-white\medtile.scale-200.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\help.gif svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\texturebitmaps\sand.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\assets\insiderhubwidetile.scale-200_contrast-white.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\core\dev\nls\sk-sk\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-netbeans-modules-masterfs.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_neutral_split.scale-180_8wekyb3d8bbwe\assets\office\embosstext.scale-180.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_x64__8wekyb3d8bbwe\assets\starttile.dualsim1.surprise.small.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftstickynotes_1.4.101.0_x64__8wekyb3d8bbwe\appxmetadata\codeintegrity.cat svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\es_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\sr_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\assets\insiderhubapplist.targetsize-32_altform-unplated_contrast-white.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\images\email\dummy\adobe-old-logo.jpg svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.jface.nl_zh_4.4.0.v20140623020002.jar svchost.exe File created C:\program files\videolan\vlc\locale\as_in\lc_messages\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxcalendarwidetile.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\assets\livetiles\avatar150x150.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\reviews\images\themes\dark\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_neutral_~_8wekyb3d8bbwe\appxmetadata\appxbundlemanifest.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\3899_24x24x32.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\com.jrockit.mc.feature.console_5.5.0.165303\feature.properties svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\p2\org.eclipse.equinox.p2.engine\profileregistry\jmc.profile\1423496926306.profile.gz svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\6365_72x72x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxa-yahoo-light.scale-300.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\sr-latn-cs\mso.acl svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\app-center\images\themeless\desktop_acrobat_logo.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer\js\nls\fr-fr\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\videolan\vlc\plugins\control\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\images\stickers\thumbnails\sticker_icon_tongue.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\5034_32x32x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\assets\skypeapplist.targetsize-16_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\outlookmailmediumtile.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weather_splashscreen.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\8794_40x40x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxa-advanced-light.scale-125.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.views.nl_zh_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\java\jre1.8.0_66\lib\management\jmxremote.password.template svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\western\western_11s.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.net.native.runtime.1.3_1.3.23901.0_x64__8wekyb3d8bbwe\appxmanifest.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\logos\square310x310\paintlargetile.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\applist.targetsize-24_altform-unplated.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\tracker\bl.gif svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\awards\pyramid\careful_excavation_unearned_small.png svchost.exe File created C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_neutral_~_8wekyb3d8bbwe\appxmetadata\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\5606_24x24x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\contrast-black\applist.targetsize-64_altform-unplated_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\bg2_thumb.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\activity-badge\js\nls\fr-ma\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\digsig\images\themes\dark\s_checkbox_selected_18.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\localized_images\da-dk\appstore_icon.svg svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.http.registry_1.1.300.v20130402-1529.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_neutral_split.scale-150_8wekyb3d8bbwe\assets\starttile.dualsim1.smile.small.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_neutral_split.scale-150_8wekyb3d8bbwe\assets\starttile.dualsim2.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\ads_casualgames_300x250.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\alarmsapplist.targetsize-30_altform-unplated.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer\js\nls\pt-br\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer-select\js\nls\fr-ma\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.metadata.nl_zh_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\awards\pyramid\mummys_boy_.png svchost.exe File opened for modification C:\program files (x86)\google\chrome\application\81.0.4044.129\locales\lt.pak svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.components.ui_5.5.0.165303.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\worldclocklargetile.contrast-white_scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\home\ltr\medtile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_neutral_split.scale-140_8wekyb3d8bbwe\assets\office\projectionplanar.scale-140.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\gameplayassets\tripeaks\tripeaksassets.xml svchost.exe File opened for modification C:\program files\videolan\vlc\lua\http\mobile_view.html svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\buttons\fullscreen\fullscreen-up.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxa-generic-dark.scale-400.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\files\dev\nls\ja-jp\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\send-for-sign\js\nls\ar-ae\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\dm_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxcalendarapplist.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\helper.winmd svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-black\storesmalltile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.xboxapp_25.25.13009.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\gamesxboxhublargetile.scale-125_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\manifestassets\contrast-white\square44x44logo.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.starclub\assets\main_tile.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\oneconnectsmalltile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\outlookmaillargetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-black\mapsapplist.targetsize-20.png svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\images\printandshare\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\meta-inf\eclipse.inf svchost.exe File created C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_neutral_~_8wekyb3d8bbwe\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\howtoplay\spider\tips_4.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themepreview\cardbacks\western.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\oneconnectlargetile.scale-125.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\ob-preview\js\nls\zh-cn\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\send-for-sign\js\nls\he-il\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\jre\lib\fonts\lucidasansdemibold.ttf svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\ls_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\1949_40x40x32.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\js\nls\uk-ua\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\resource\typesupport\unicode\mappings\mac\cyrillic.txt svchost.exe File created C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\home\rtl\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\contrast-black\apppackageapplist.targetsize-48_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weatherimages\210x173\3.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_x64__8wekyb3d8bbwe\assets\starttile.dualsim2.sad.small.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\assets\skypeapplist.targetsize-16_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\bz_16x11.png svchost.exe File opened for modification C:\program files\7-zip\history.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenotesectiongroupmedtile.scale-100.png svchost.exe File created C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_neutral_~_8wekyb3d8bbwe\appxmetadata\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\assets\getstartedapplist.targetsize-72_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\3838_24x24x32.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\createpdfupsell-app\js\nls\hr-hr\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\common files\microsoft shared\office16\office setup controller\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.nl_zh_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files (x86)\common files\adobe\reader\dc\linguistics\languagenames2\displaylanguagenames.en_gb_euro.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weathericons\30x30\191.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_x64__8wekyb3d8bbwe\assets\contrast-white\peopleapplist.targetsize-20.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\appxmetadata\codeintegrity.cat svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\home\ltr\contrast-black\medtile.scale-100.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.emf.ecore_2.10.1.v20140901-1043\meta-inf\eclipse_.rsa svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-api-caching_ja.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenotesectionsmalltile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-black\mapsapplist.targetsize-24.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\plug_ins\annots.api svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer-select\js\nls\de-de\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.core.net.win32.x86_64.nl_ja_4.4.0.v20140623020002.jar svchost.exe File created C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\contrast\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_neutral_resources.scale-150_8wekyb3d8bbwe\assets\smalllogo.scale-150.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\unified-share\js\nls\ca-es\ui-strings.js svchost.exe File created C:\program files\mozilla firefox\uninstall\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\microsoft.advertising\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\howtoplay\tripeaks\goal_1.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\so_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weathericons\30x30\176.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\images\stickers\sticker_tongue.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\desktop-connector-files\js\nls\eu-es\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\videolan\vlc\lua\modules\simplexml.luac svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\cubetile_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_x64__8wekyb3d8bbwe\assets\contrast-white\oneconnectapplist.targetsize-80.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\home\ltr\contrast-white\largetile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\place\ltr\contrast-black\medtile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\apppackageapplist.targetsize-60.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\plug_ins\multimedia.api svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\reviews\js\nls\fr-ma\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\asl-v20.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\gt_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\calculatorapplist.contrast-black_scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxcalendarsmalltile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-white\mapsapplist.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\hi_contrast\core_icons__retina_hicontrast_wob.png svchost.exe File created C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\place\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\ob-preview\js\nls\fr-ma\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\reviews\js\nls\pl-pl\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.apache.jasper.glassfish_2.2.2.v201205150955.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\classic\classic_13h.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_x64__8wekyb3d8bbwe\assets\contrast-black\peopleapplist.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\assets\windowsicons\windowscameraapplist.contrast-black_targetsize-32.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\file_types\fillandsign.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer\images\illustrations_retina.png svchost.exe File opened for modification C:\program files\videolan\vlc\locale\brx\lc_messages\vlc.mo svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftstickynotes_1.4.101.0_x64__8wekyb3d8bbwe\assets\splashscreen.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorapplist.targetsize-48_altform-unplated_contrast-white.png svchost.exe File created C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\microsoft.system.package.metadata\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\insiderhubsmalltile.scale-100.png svchost.exe File created C:\program files (x86)\windowspowershell\modules\microsoft.powershell.operation.validation\1.0.1\diagnostics\comprehensive\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windows defender\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\jumbo\mask\12h.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\6584_20x20x32.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\combinepdf\js\nls\uk-ua\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\createpdfupsell-app\js\nls\fr-ma\ui-strings.js svchost.exe File created C:\program files\common files\designer\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-files\js\nls\sv-se\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\apppackageapplist.targetsize-64_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxcalendarwidetile.scale-125.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\js\nls\nl-nl\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\google\chrome\application\81.0.4044.129\default_apps\gmail.crx svchost.exe File created C:\program files\java\jdk1.8.0_66\lib\visualvm\profiler\lib\deployed\jdk15\windows-amd64\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.dailychallenges\assets\popups\fue2_image.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_x64__8wekyb3d8bbwe\assets\oneconnectsmalltile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\gg_60x42.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-profiler_ja.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\audio\checkbox.wav svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\images\themeless\playstore\el_get.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\signatures\images\bun.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.repository_2.3.0.v20131211-1531.jar svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-openide-windows_ja.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\office\embosscontour.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weatherimages\210x173\5.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\resources\topicpage\images\playbutton.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\apptiles\mapsapplist.targetsize-96_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\place\ltr\contrast-black\widetile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\assets\gamesxboxhublargetile.scale-100_contrast-high.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\gameplayassets\localization\localized_ca-es.respack svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\images\themeless\playstore\es-419_get.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\unified-share\images\close.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxmailsplashlogo.scale-150.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\am_get.svg svchost.exe File created C:\program files\windowsapps\microsoft.wallet_1.0.16328.0_x64__8wekyb3d8bbwe\appxmetadata\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\2708_40x40x32.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\combinepdf\js\nls\nb-no\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\place\ltr\widetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenotesectionmedtile.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\rdcnotificationclient.appx svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer\js\nls\ko-kr\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\google\update\1.3.35.452\googleupdatehelper.msi svchost.exe File opened for modification C:\program files\java\jre1.8.0_66\lib\ext\zipfs.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\gt_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\voicerecorderapplist.contrast-black_targetsize-40.png svchost.exe File opened for modification C:\program files\windowspowershell\modules\pester\3.4.0\pester.nuspec svchost.exe File opened for modification C:\program files (x86)\windowspowershell\modules\pester\3.4.0\functions\assertions\containexactly.tests.ps1 svchost.exe File opened for modification C:\program files\7-zip\lang\it.txt svchost.exe File opened for modification C:\program files\common files\microsoft shared\stationery\orange circles.htm svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\assets\photoswidetile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorapplist.targetsize-16_altform-fullcolor.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\6100_40x40x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxa-advanced-light.scale-100.png svchost.exe File created C:\program files (x86)\common files\microsoft shared\vsto\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\google\chrome\application\81.0.4044.129\default_apps\youtube.crx svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\timerlargetile.contrast-white_scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.zunevideo_10.16112.11601.0_neutral_resources.scale-200_8wekyb3d8bbwe\assets\contrast-white\splashscreen.scale-200_contrast-white.png svchost.exe File created C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\assets\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\contrast-white\peoplesplashscreen.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_neutral_split.scale-100_8wekyb3d8bbwe\resources.pri svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\createpdfupsell-app\js\nls\fi-fi\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\assets\gamesxboxhubapplist.targetsize-60.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.security.win32.x86_64_1.0.100.v20130327-1442.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\contrast-white\apppackagewidetile.scale-125_contrast-white.png svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\awards\common\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftstickynotes_1.4.101.0_neutral_~_8wekyb3d8bbwe\appxsignature.p7x svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenotesectiongrouplargetile.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\home\rtl\contrast-white\widetile.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer\images\file_icons.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsfeedbackhub_1.1612.10312.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\insiderhublargetile.scale-125.png svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\jumbo\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\home\ltr\contrast-white\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\duplicate.svg svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\fsdefinitions\auxpad.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\classic\mask\13d.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxmailapplist.targetsize-16_altform-unplated.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\createpdfupsell-app\js\nls\uk-ua\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\js\nls\da-dk\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\livetiles\microsoftsolitaireapplist.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\images\stickers\thumbnails\sticker_icon_pill.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\km_60x42.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\delete.svg svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\fsdefinitions\main\zh-dayi.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\assets\getstartedapplist.targetsize-64_contrast-white.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\activity-badge\js\nls\en-ae\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-black\weather_badgelogo.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\br_16x11.png svchost.exe File opened for modification C:\program files (x86)\common files\adobe\reader\dc\linguistics\languagenames2\displaylanguagenames.en_ca.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\jre\lib\ext\dnsns.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\images\stickers\thumbnails\sticker_icon_chevron.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\large\smirk.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\apptiles\mapswidetile.scale-100.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\digsig\js\nls\hu-hu\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\send-for-sign\js\nls\nb-no\ui-strings.js svchost.exe File created C:\program files\java\jre1.8.0_66\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\mozilla firefox\precomplete svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\6478_32x32x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\large\doh.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\small\clapping.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\assets\apptiles\storeapplist.targetsize-16_altform-unplated.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\js\nls\ko-kr\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\contrast-white\peoplelargetile.scale-125.png svchost.exe File created C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\appxmetadata\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\check-mark-2x.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\s_ellipses-hover.svg svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\org-openide-awt.jar svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\worldclocklargetile.contrast-black_scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\appxmanifest.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\assets\apptiles\storebadgelogo.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\assets\gamesxboxhubapplist.targetsize-256_altform-unplated.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\base_uris.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.metadata.repository_1.2.100.v20131209-2144.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\dz_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\images\stickers\sticker_dogear.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_neutral_resources.scale-150_8wekyb3d8bbwe\appxmanifest.xml svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\close2x.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\s_illunointernetconnection_120x80.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\unified-share\js\nls\eu-es\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\files\dev\nls\cs-cz\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer\js\nls\ru-ru\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\search-summary\js\nls\ca-es\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\plug_ins\weblink.api svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.zunevideo_10.16112.11601.0_neutral_resources.scale-200_8wekyb3d8bbwe\assets\contrast-black\widelogo.scale-200_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\starclub\challenge_pyramid.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\car\ltr\contrast-black\smalltile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-black\mapsapplist.targetsize-60.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\home\contrast-black\largetile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\voicerecorderapplist.contrast-black_targetsize-36.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\file_types\aic_file_icons_retina_thumb_new.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-files\js\nls\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sample-files\js\nls\fr-ma\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.xboxapp_25.25.13009.0_neutral_split.scale-125_8wekyb3d8bbwe\appxblockmap.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_x64__8wekyb3d8bbwe\assets\peopleapplist.targetsize-96.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\sj_16x11.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\gtktsframe.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\images\stickers\sticker_gravel.dxt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\assets\photosapplist.targetsize-24_altform-unplated.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\add-account\images\themes\dark\new_icons.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ecf.provider.filetransfer.ssl_1.0.0.v20140827-1444.jar svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.zunemusic_10.16112.11621.0_neutral_resources.scale-200_8wekyb3d8bbwe\appxsignature.p7x svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themecreation\commoneffectsassets.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxmailapplist.targetsize-64.png svchost.exe File created C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\assets\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\contrast-black\applist.targetsize-96_contrast-black.png svchost.exe File opened for modification C:\program files\7-zip\lang\an.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.zunemusic_10.16112.11621.0_neutral_resources.scale-125_8wekyb3d8bbwe\assets\widelogo.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weathericons\30x30\165.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenotenotebookwidetile.scale-400.png svchost.exe File created C:\program files\java\jdk1.8.0_66\jre\lib\deploy\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.director.app.nl_zh_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\videolan\vlc\lua\extensions\vlsub.luac svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.dailychallenges\assets\prizehistory\awards_perfect_ribbon.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\awards\tripeaks\low_altitude_unearned_small.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\ga_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxcalendarsplashlogo.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\assets\insiderhubwidetile.scale-200_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\traffichub\contrast-white\largetile.scale-200.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\generic-rhp-app\js\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\resource\typesupport\unicode\mappings\mac\greek.txt svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\ipscht.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\texturebitmaps\parchmnt.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\images\stickers\thumbnails\sticker_icon_star.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\10178_20x20x32.png svchost.exe File created C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\ux\controls\xbox360purchasecontrol\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\send-for-sign\js\nls\it-it\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.advertising.xaml_10.0.1605.0_x86__8wekyb3d8bbwe\microsoft.advertising\bootstrap.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themecreation\all_cards.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themecreation\delete.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\voicerecorderlogoextensions.targetsize-128.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\acroapp\enu\fillsign.aapp svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\sharpdxengine\rendering\shaders\builtin\bin\lightedtextured_vertexlighting_vs.fxo svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\home\images\icons_ie8.gif svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.zunemusic_10.16112.11621.0_neutral_resources.scale-125_8wekyb3d8bbwe\appxmanifest.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxmailsplashlogo.scale-200.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench_1.2.1.v20140901-1244.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\themes_frame.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler_zh_cn.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\large\muscle.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\assets\insiderhubapplist.targetsize-40_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\content\mobile\en-us\toc.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\mainpage\bronzeicon.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\5613_40x40x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-white\mapswidetile.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\task-handler\js\nls\sv-se\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\work\rtl\contrast-white\smalltile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\assets\skypeapplist.targetsize-24_contrast-black.png svchost.exe File opened for modification C:\program files (x86)\windowspowershell\modules\pester\3.4.0\functions\pesterstate.tests.ps1 svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenotepagemedtile.scale-100.png svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\home\ltr\contrast-white\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\createpdfupsell-app\images\themes\dark\rhp_world_icon_hover_2x.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\dark\e4-dark_basestyle.css svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.zunemusic_10.16112.11621.0_neutral_resources.scale-125_8wekyb3d8bbwe\assets\contrast-white\splashscreen.scale-125_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\buttons\fullscreen\fullscreen.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\exchangebadge.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxa-outlook.scale-300.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\ob-preview\js\nls\nl-nl\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_ja_4.4.0.v20140623020002\feature.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorapplist.contrast-white_targetsize-48.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\js\tool\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\howtoplay\starclub\help_1_2.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_x64__8wekyb3d8bbwe\assets\sounds\saving_contact.wav svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxa-google.scale-125.png svchost.exe File opened for modification C:\program files (x86)\common files\microsoft shared\stationery\shades of blue.htm svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\profiler\update_tracking\org-netbeans-modules-profiler-heapwalker.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.advertising.xaml_10.0.1605.0_x64__8wekyb3d8bbwe\microsoft.advertising\bootstrap.html svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\beach\mask\13d.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenoteapplist.targetsize-60_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\small\poolparty.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\worldclocklargetile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorapplist.targetsize-96_altform-unplated.png svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\fonts\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer\js\nls\en-ae\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\dropins\readme.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\sharpdxengine\rendering\shaders\builtin\bin\lightedtextured_vertexlighting_ps.fxo svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftstickynotes_1.4.101.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\wide310x150logo.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\6124_20x20x32.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\add-account\css\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windows nt\tabletextservice\en-us\tabletextservice.dll.mui svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenotenotebookwidetile.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\5372_40x40x32.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\digsig\js\nls\zh-tw\ui-strings.js svchost.exe File created C:\program files (x86)\windows nt\accessories\en-us\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowsapps\microsoft.people_10.1.10531.0_x64__8wekyb3d8bbwe\assets\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxmailwidetile.scale-400.png svchost.exe File created C:\program files\common files\microsoft shared\ink\tr-tr\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\java\jdk1.8.0_66\lib\visualvm\profiler\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\lumia.viewerplugin\relivesurfaces\preview\relivepreviewcontrol.xaml svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-modules-editor-mimelookup-impl_zh_cn.jar svchost.exe File created C:\program files\java\jdk1.8.0_66\lib\visualvm\profiler\lib\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\assets\windowsicons\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\alarmsstorelogo.contrast-black_scale-200.png svchost.exe File created C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\apptiles\contrast-black\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\windowspowershell\modules\pester\3.4.0\functions\assertions\matchexactly.ps1 svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\prodicon.gif svchost.exe File opened for modification C:\program files\windowsapps\microsoft.advertising.xaml_10.0.1605.0_x86__8wekyb3d8bbwe\microsoft.advertising\ormma.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-white\mapsapplist.targetsize-256.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\js\nls\nl-nl\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\10910_36x36x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\assets\getstartedapplist.targetsize-16.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\large\itwasntme.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\file_types\selection-actions2x.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\icons\send-email-16.png svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.awards\assets\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.dailychallenges\assets\progressbar\progress_foreground.jpg svchost.exe File created C:\program files\windowsapps\microsoft.wallet_1.0.16328.0_x64__8wekyb3d8bbwe\js\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\5313_48x48x32.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\localized_images\zh-tw\appstore_icon.svg svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\reviews\js\nls\root\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sign-services-auth\js\nls\es-es\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\uss-search\js\nls\ar-ae\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\uss-search\js\nls\de-de\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\appxmetadata\codeintegrity.cat svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\small\itwasntme.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\small\tmi.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\activity-badge\js\nls\hr-hr\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\editpdf\images\themes\dark\rhp_world_icon_hover_2x.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\images\dd_arrow_small2x.png svchost.exe File created C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\meta-inf\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\small\fingerscrossed.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxcalendarlargetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\outlookmailmediumtile.scale-100.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\app-center\js\nls\en-ae\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer-select\images\file_icons.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\task-handler\js\nls\nl-nl\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\unified-share\js\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\work\contrast-black\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\exportping.html svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\howtoplay\tripeaks\tips_2.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\jumbo\jumbo_13h.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\hu_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\car\ltr\medtile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\assets\gamesxboxhubapplist.targetsize-80_altform-unplated_contrast-high.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\send-for-sign\images\themes\dark\sfs_icons.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\activity-badge\js\nls\ja-jp\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\common files\microsoft shared\vsta\vstofiles.cat svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\livetile\4px.png svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\awards\freecell\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\7656_20x20x32.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\editpdf\js\plugins\editpdf-tool-view.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\images\email\adobe_logo.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\assets\getstartedapplist.targetsize-30_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themepreview\effects\leave01.png svchost.exe File created C:\program files (x86)\google\chrome\application\81.0.4044.129\default_apps\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\windowspowershell\modules\pester\3.4.0\functions\setupteardown.ps1 svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\plug_ins\acroform\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\pages-app\js\nls\de-de\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\videolan\vlc\plugins\stream_filter\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\tiles\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\assets\audio\skype_call_connecting.m4a svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\work\rtl\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\microsoft.system.package.metadata\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\images\ratings\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\place\rtl\contrast-black\smalltile.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\add-account\js\nls\ko-kr\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\images\stickers\thumbnails\sticker_icon_skull.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\1937_32x32x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\applist.targetsize-40_altform-unplated.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\js\nls\nb-no\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\car\rtl\contrast-white\smalltile.scale-125.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\next-arrow-hover.svg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\embossbitmaps\rounded rectangle_icon.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\2818_40x40x32.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\s_history_18.svg svchost.exe File opened for modification C:\program files (x86)\common files\system\ado\msadomd28.tlb svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-api-visual_zh_cn.jar svchost.exe File opened for modification C:\program files\videolan\vlc\lua\playlist\newgrounds.luac svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\xboxapp.ui\resources\images\star_half.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\contrast-black\applist.targetsize-30_altform-unplated_contrast-black.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\app\dev\nls\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\img\themes\dark\core_icons.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenoteapplist.targetsize-256_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_neutral_~_8wekyb3d8bbwe\appxmetadata\appxbundlemanifest.xml svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\walk-through\js\nls\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_neutral_split.scale-150_8wekyb3d8bbwe\assets\storelogo.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\howtoplay\pyramid\goal_6.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\7296_48x48x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorapplist.targetsize-24_altform-unplated_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxcalendarlargetile.scale-100.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\lib\locale\org-openide-modules_zh_cn.jar svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.zunevideo_10.16112.11601.0_neutral_resources.scale-125_8wekyb3d8bbwe\assets\contrast-white\movie-tvstorelogo.scale-125_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_x64__8wekyb3d8bbwe\appxblockmap.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\contrast-black\oneconnectsmalltile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\apptiles\contrast-white\mapssplashscreen.scale-100.png svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\statistics\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenotesectiongroupsmalltile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\small\handshake.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer-select\js\nls\zh-tw\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\jre\lib\images\cursors\cursors.properties svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.diagnostic_5.5.0.165303.jar svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4-dark_mac.css svchost.exe File opened for modification C:\program files\videolan\vlc\lua\sd\icecast.luac svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenotewidetile.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-100_8wekyb3d8bbwe\appxsignature.p7x svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxa-google.scale-250.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\s_filter_18.svg svchost.exe File created C:\program files\common files\microsoft shared\ink\fr-fr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jre1.8.0_66\lib\security\java.security svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\apptiles\contrast-black\splashscreen.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\images\themeless\playstore\tr_get.svg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\herohelp\scenario1.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorapplist.targetsize-24_altform-colorize.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\adobe_spinner_mini.gif svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\images\themes\dark\cstm_brand_preview2x.png svchost.exe File opened for modification C:\program files\windows mail\en-us\msoeres.dll.mui svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoft3dviewer_1.1702.21039.0_x64__8wekyb3d8bbwe\lift.engine.winmd svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\lumia.videotk\convertps_bgratoy.cso svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\go-mobile.png svchost.exe File opened for modification C:\program files\windows photo viewer\en-us\photoviewer.dll.mui svchost.exe File created C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\contrast-black\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\send-for-sign\css\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\assets\images\signal_black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\si_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxa-outlook.scale-400.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\aicuc\images\themes\dark\warning_2x.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\js\nls\root\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\assets\getstartedapplist.targetsize-36_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\small\wink.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\linkedinboxwidetile.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\core\dev\nls\cs-cz\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\unified-share\css\main-selector.css svchost.exe File opened for modification C:\program files\java\jre1.8.0_66\lib\deploy\messages_zh_hk.properties svchost.exe File opened for modification C:\program files\videolan\vlc\lua\http\css\ui-lightness\images\ui-bg_diagonals-thick_18_b81900_40x40.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weatherimages\423x173\82.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-white\mapsapplist.targetsize-48.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\flags.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\signatures\js\nls\pt-br\ui-strings.js svchost.exe File created C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\appxmetadata\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorapplist.targetsize-20.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\assets\insiderhublargetile.scale-200_contrast-black.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\s_editpdf_18.svg svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\work\rtl\widetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\appxsignature.p7x svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\howtoplay\keyboard2.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\hm_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowscamera_2017.125.40.0_neutral_split.scale-200_8wekyb3d8bbwe\assets\windowsicons\windowscamerasmalltile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\western\mask\mask_corners_queen.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\ge_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\lumia.videotk\passthroughvs.cso svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\2653_48x48x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\applist.targetsize-40.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\contrast-white\applist.targetsize-36_contrast-white.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-recent-files\js\nls\ko-kr\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\windowspowershell\modules\pester\3.4.0\snippets\shouldbe.snippets.ps1xml svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-selector-api_ja.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_x64__8wekyb3d8bbwe\tee\email.model svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\assets\skypeapplist.targetsize-48_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxcalendarapplist.targetsize-48_altform-unplated.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\s_listview-hover.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\unified-share\js\nls\zh-tw\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowscalculator_10.1702.312.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\calculatorapplist.scale-125.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\createpdfupsell-app\js\nls\cs-cz\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\walk-through\js\nls\pt-br\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_x64__8wekyb3d8bbwe\assets\sounds\nudge.wma svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\audio\click_g.wav svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxmailapplist.targetsize-16_altform-unplated.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\js\nls\pt-br\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\unified-share\images\themes\dark\close.png svchost.exe File opened for modification C:\program files\java\jre1.8.0_66\lib\deploy\messages_fr.properties svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.xboxapp_25.25.13009.0_neutral_split.scale-200_8wekyb3d8bbwe\assets\gamesxboxhubbadgelogo.scale-200_contrast-high.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\exchangelargetile.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\plug_ins\dva.api svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\desktop-connector-files\css\main-selector.css svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.flightrecorder.controlpanel.ui.ja_5.5.0.165303.jar svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\s_uinline_warning.svg svchost.exe File opened for modification C:\program files\7-zip\7-zip.chm svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.simpleconfigurator.nl_ja_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\videolan\vlc\locale\uk\lc_messages\vlc.mo svchost.exe File created C:\program files\windowsapps\microsoft.microsoftofficehub_17.8010.5926.0_x64__8wekyb3d8bbwe\office16\1033\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\awards\pyramid\golden_pharaoh_unearned_small.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\tiles\freecell.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenotesectionmedtile.scale-100.png svchost.exe File created C:\program files (x86)\mozilla maintenance service\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\mozilla firefox\gmp-clearkey\0.1\clearkey.dll.sig svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsfeedbackhub_1.1612.10312.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\insiderhubsplashwidetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\awards\common\good_to_be_king_unearned_small.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\aquarium\mask\13d.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\small\waiting.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\pk_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\assets\thankyou\genericenglish-1.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\assets\gamesxboxhubapplist.targetsize-40_altform-unplated_contrast-white.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\acroapp\enu\stamp.aapp svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\img\tools\x_2x.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\images\stickers\thumbnails\sticker_icon_speech_bubble.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenotesectiongrouplargetile.scale-200.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\org-netbeans-modules-autoupdate-ui.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\large\facepalm.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxidentityprovider_2016.719.1035.0_neutral_~_8wekyb3d8bbwe\appxsignature.p7x svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\css\home-selector.css svchost.exe File created C:\program files\java\jdk1.8.0_66\include\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenotenotebookmedtile.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxa-googlecloudcache-dark.scale-180.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\signatures\images\s_opencarat_18.svg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\office\scale.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weathericons\30x30\10.png svchost.exe File created C:\program files\common files\microsoft shared\ink\sl-si\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.jarprocessor_1.0.300.v20131211-1531.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\5034_40x40x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_x64__8wekyb3d8bbwe\assets\contrast-black\peopleapplist.targetsize-32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.wallet_1.0.16328.0_neutral_~_8wekyb3d8bbwe\appxblockmap.xml svchost.exe File opened for modification C:\program files (x86)\windowspowershell\modules\pester\3.4.0\functions\context.ps1 svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-api_zh_cn.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_neutral_split.scale-140_8wekyb3d8bbwe\appxsignature.p7x svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\assets\getstartedsplash.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\wf_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\assets\windowsicons\windowscamerawidetile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxmailapplist.targetsize-30_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\snooze.scale-80.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\exportpdfupsell-app\js\nls\eu-es\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\assets\navigationicons\nav_icons_mygames.targetsize-48.png svchost.exe File opened for modification C:\program files (x86)\google\chrome\application\81.0.4044.129\locales\he.pak svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.zh_cn_5.5.0.165303.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-black\mapsapplist.targetsize-24_altform-unplated.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\aicuc\images\themes\dark\rhp_world_icon_hover_2x.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\ob-preview\js\nls\ro-ro\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\assets\gamesxboxhubapplist.targetsize-72_altform-unplated.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\s_nothumbnail_34.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\img\themes\dark\adobe_sign_tag_retina.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-api-visual_ja.jar svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\org-openide-loaders.jar svchost.exe File opened for modification C:\program files\videolan\vlc\lua\http\images\vlc-48.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\assets\getstartedapplist.targetsize-24.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\splashscreen.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themepreview\effects\leaves.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\jp_60x42.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\ind_prog.gif svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\db\bin\setnetworkclientcp.bat svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\xboxapp.ui\resources\images\star_full.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\6486_40x40x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxmailmediumtile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\assets\insiderhubapplist.targetsize-20_altform-unplated_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\microsoft.bing.client.graph\configuration.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer-select\images\themes\dark\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themepreview\backgrounds\western.jpg svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\western\mask\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\home\rtl\contrast-black\largetile.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-recent-files\js\nls\it-it\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.flightrecorder.controlpanel.ui.configuration_5.5.0.165303.jar svchost.exe File opened for modification C:\program files\videolan\vlc\lua\http\dialogs\batch_window.html svchost.exe File created C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\pages\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\oneconnectstorelogo.scale-100.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\js\nls\en-ae\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\pages-app\css\main.css svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\reviews\js\nls\ru-ru\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\common files\microsoft shared\ink\en-us\micaut.dll.mui svchost.exe File opened for modification C:\program files\videolan\vlc\locale\uz\lc_messages\vlc.mo svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer-select\js\nls\hu-hu\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.dailychallenges\assets\calendar\corrupt.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\5665_32x32x32.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\images\themeless\playstore\ru_get.svg svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\jre\lib\rt.jar svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windows.photos_16.511.8780.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\photosapplist.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\large\bigsmile.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxmailapplist.targetsize-30.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\resources\cursorxbox_active.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxmailapplist.targetsize-30_altform-unplated.png svchost.exe File opened for modification C:\program files (x86)\google\chrome\application\81.0.4044.129\visualelements\logo.png svchost.exe File created C:\program files\windows mail\en-us\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\kw_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\tf_60x42.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\img\themes\dark\[email protected] svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\js\nls\fr-fr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\triggerconstraints.exsd svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\pw_16x11.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer-select\js\nls\pt-br\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenotemediumtile.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\_resources\0.rsrc svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxcalendarapplist.targetsize-80.png svchost.exe File created C:\program files (x86)\google\chrome\application\81.0.4044.129\extensions\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\windowspowershell\modules\microsoft.powershell.operation.validation\1.0.1\diagnostics\simple\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxspeechtotextoverlay_1.14.2002.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\gamesxboxhubstorelogo.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\img\adobe_sign_tag_retina.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_neutral_split.scale-200_8wekyb3d8bbwe\appxsignature.p7x svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\lumia.videotk\passthroughps_uv.cso svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxa-generic-light.scale-250.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\unified-share\images\themes\dark\s_close_h.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\p2\org.eclipse.equinox.p2.core\cache\binary\org.eclipse.rcp_root_4.4.0.v20141007-2301 svchost.exe File created C:\program files\videolan\vlc\locale\nb\lc_messages\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\bl_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\voicerecorderapplist.contrast-white_targetsize-20.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sign-services-auth\js\nls\da-dk\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\jre\lib\images\cursors\win32_movenodrop32x32.gif svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_neutral_split.scale-180_8wekyb3d8bbwe\assets\office\booleanintersect.scale-180.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\surfaceprofiles\flatpaperdetail.dds svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\assets\gamesxboxhubapplist.targetsize-60_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\apptiles\mapsapplist.targetsize-36.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\buttons\fullscreen\windowed-press.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\howtoplay\spider\goal_6.jpg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\file_types\remove.svg svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\combinepdf\js\nls\cs-cz\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\small\wondering.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\timerwidetile.contrast-black_scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorapplist.targetsize-72_altform-unplated.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\localized_images\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\exportpdfupsell-app\js\nls\uk-ua\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weathericons\30x30\3.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\ads_win10_728x90.scale-200.jpg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\editpdf\js\plugins\rhp\editpdf-tool-view.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\be_get.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\images\nub.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weathericons\30x30\169.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\digsig\js\nls\eu-es\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\editpdf\js\nls\eu-es\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer\js\nls\ko-kr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jre1.8.0_66\lib\management\snmp.acl.template svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\fues\popup_shadow_2.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\contrast-black\applist.targetsize-60_contrast-black.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-openide-execution.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxa-googlecloudcache-dark.scale-240.png svchost.exe File created C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\contrast-black\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\genericmaillargetile.scale-125.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer-select\js\nls\it-it\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\videolan\vlc\lua\http\requests\playlist_jstree.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.dailychallenges\assets\prizehistory\3_badges_none.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\contrast-white\oneconnectstorelogo.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\gr_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxaccountssmalltile.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\signatures\images\dd_arrow_small.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\kp_16x11.png svchost.exe File created C:\program files\videolan\vlc\locale\sv\lc_messages\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\assets\gamesxboxhubapplist.targetsize-64_contrast-white.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\spectrum_spinner_process.svg svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\core\dev\nls\zh-tw\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sign-services-auth\js\nls\tr-tr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\org-netbeans-modules-options-api.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_neutral_split.scale-180_8wekyb3d8bbwe\assets\office\booleanmerge.scale-180.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\assets\photosapplist.targetsize-48_altform-fullcolor.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_2015.7906.42257.0_neutral_~_8wekyb3d8bbwe\appxmetadata\appxbundlemanifest.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\buildinfo.xml svchost.exe File opened for modification C:\program files\common files\system\ado\msador28.tlb svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_neutral_split.scale-150_8wekyb3d8bbwe\assets\toast.dualsim2.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\assets\gamesxboxhubapplist.targetsize-20_altform-unplated_contrast-high.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\file_types\rename.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\images\bun.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\unified-share\images\themes\dark\s_close_h2x.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\resource\enutxt.pdf svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\beach\mask\13c.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\classic\mask\cardback.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\fable\fable_11h.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\createpdfupsell-app\js\nls\nb-no\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.xaml.toolkit\assets\buttons\menu\menu_back.png svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\5941_20x20x32.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer-select\js\selector.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\uss-search\js\nls\en-gb\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\howtoplay\pyramid\control_3.jpg svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\howtoplay\pyramid\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\gf_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\worldclocksmalltile.contrast-white_scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\images\file_info2x.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\js\nls\en-il\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-netbeans-core-ui.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxcalendarbadge.scale-150.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\s_filter-down_32.svg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenoteapplist.targetsize-16.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\add-account\js\plugin.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themepreview\effects\dust.jpg svchost.exe File opened for modification C:\program files (x86)\common files\adobe\reader\dc\linguistics\providers\plugins2\adobehunspellplugin\supplementaldictionaries\en_us\excluded.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\profiler\update_tracking\org-netbeans-modules-profiler.xml svchost.exe File created C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\microsoft.system.package.metadata\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\send-for-sign\js\nls\sk-sk\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\videolan\vlc\locale\or\lc_messages\vlc.mo svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\contrast-black\peopleappstorelogo.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\small\beer.png svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\car\rtl\contrast-black\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\google\chrome\application\setupmetrics\20200430132918.pma svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.win32.win32.x86_64_1.1.200.v20141007-2033\launcher.win32.win32.x86_64.properties svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\org-netbeans-modules-print.jar svchost.exe File created C:\program files\windows multimedia platform\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxcalendarsmalltile.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\js\nls\uk-ua\ui-strings.js svchost.exe File opened for modification C:\program files\7-zip\lang\gu.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorapplist.targetsize-96.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\genericmailsmalltile.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\home\rtl\contrast-black\widetile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\images\ratings\yelp8.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\embossbitmaps\double wave.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\7734_32x32x32.png svchost.exe File opened for modification C:\program files\7-zip\lang\ext.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\profiler\update_tracking\org-netbeans-lib-profiler.xml svchost.exe File created C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\work\ltr\contrast-black\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\contrast-white\apppackagesmalltile.scale-100_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\content\saturationgradient.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\2818_32x32x32.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-recent-files\js\nls\fr-ma\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\buttons\solve\autosolve_button_press.mobile.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxmailapplist.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxcalendarapplist.targetsize-30_altform-unplated.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\s_gridview.svg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\scanicon_contrast-white.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\js\nls\zh-cn\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.zunemusic_10.16112.11621.0_neutral_resources.scale-200_8wekyb3d8bbwe\assets\applist.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\assets\apptiles\storeapplist.targetsize-20_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\contrast-black\applist.targetsize-24_altform-unplated_contrast-black.png svchost.exe File opened for modification C:\program files (x86)\windowspowershell\modules\pester\3.4.0\examples\calculator\add-numbers.tests.ps1 svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.docs.ja_5.5.0.165303.jar svchost.exe File opened for modification C:\program files\java\jre1.8.0_66\lib\fonts\lucidabrightdemibold.ttf svchost.exe File created C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\content\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\add-account\images\themes\dark\icons_ie8.gif svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\add-account\js\nls\en-il\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxa-advanced-dark.scale-400.png svchost.exe File created C:\program files (x86)\common files\adobe\reader\dc\linguistics\providers\adobe\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\traffichub\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowspowershell\modules\pester\3.4.0\functions\assertions\test-assertion.ps1 svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\digsig\js\nls\sv-se\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\profiler\modules\locale\org-netbeans-lib-profiler-common_zh_cn.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenoteapplist.targetsize-24_altform-unplated.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\createpdfupsell-app\js\nls\sv-se\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windows.photos_16.511.8780.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\photoslargetile.contrast-black_scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\autumn\autumn_12h.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\jumbo\mask\11s.png svchost.exe File opened for modification C:\program files\windowspowershell\modules\pester\3.4.0\functions\it.tests.ps1 svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\tracker\email_initiator.gif svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sample-files\assets\sample files\adobe sign white paper.pdf svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\home\rtl\contrast-black\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\common files\microsoft shared\ink\cs-cz\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\timermedtile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\6100_24x24x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_neutral_resources.scale-150_8wekyb3d8bbwe\assets\contrast-white\musicstorelogo.scale-150_contrast-white.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\s_sortedby_hover_18.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\js\nls\nl-nl\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\send-for-sign\js\nls\de-de\ui-strings.js svchost.exe File created C:\program files\windowsapps\microsoft.microsoft3dviewer_1.1702.21039.0_x64__8wekyb3d8bbwe\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\tournament\gamemodetripeaks.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\signatures\images\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-netbeans-api-search.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorapplist.targetsize-24_altform-fullcolor.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\assets\windowsicons\windowscameraapplist.contrast-white_targetsize-48.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\exportpdfupsell-app\js\nls\ca-es\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\js\nls\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_neutral_~_8wekyb3d8bbwe\appxmetadata\appxbundlemanifest.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\exchangebadge.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\linkedinboxlargetile.scale-150.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\files\dev\nls\en-ae\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\unified-share\js\nls\fr-ma\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\contrast-black\apppackagelargetile.scale-125_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxidentityprovider_11.19.19003.0_x64__8wekyb3d8bbwe\appxmetadata\codeintegrity.cat svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\editpdf\js\plugins\rhp\editpdf-selector.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\home\images\themes\dark\new_icons_retina.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\toast.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\files\dev\nls\it-it\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\contrast-black\apppackageapplist.targetsize-32_altform-unplated_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\howtoplay\pyramid\goal_1.jpg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\selection-actions2x.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\reviews\js\nls\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\sr-latn-rs\tipresx.dll.mui svchost.exe File created C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_neutral_~_8wekyb3d8bbwe\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\xaml\onenote\captureuistyles.xaml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\mv_16x11.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\aicuc\js\plugins\rhp\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\videolan\vlc\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\mainpagestate2\leaderboards_bp_920.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\bo_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\storemanifest.xml svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\profiler\modules\org-netbeans-modules-profiler-oql.jar svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.zunemusic_10.16112.11621.0_neutral_resources.scale-200_8wekyb3d8bbwe\assets\contrast-white\musicstorelogo.scale-200_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.advertising.xaml_10.0.1605.0_x64__8wekyb3d8bbwe\appxmetadata\codeintegrity.cat svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxaccountslargetile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxmailsmalltile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\genericmailmediumtile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\previewcalendar.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\assets\insiderhubsplashwidetile.scale-200_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\voicerecorderapplist.contrast-white_targetsize-40_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\contrast-white\apppackageapplist.targetsize-32_contrast-white.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\desktop-connector-files\css\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\desktop-connector-files\js\nls\zh-cn\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.equinox.p2.rcp.feature_1.2.0.v20140523-0116\meta-inf\eclipse_.rsa svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.dailychallenges\assets\gold_badge_earned.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\hu_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxcalendarlargetile.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\unified-share\js\nls\nl-nl\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\common files\adobe\reader\dc\linguistics\providers\plugins2\adobehunspellplugin\dictionaries\en_gb\readme_en_gb.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.help_2.0.102.v20141007-2301\feature.xml svchost.exe File opened for modification C:\program files\windows media player\skins\revert.wmz svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\assets\skypeapplist.targetsize-24_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\timerlargetile.contrast-white_scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorapplist.targetsize-40_altform-fullcolor.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\5478_48x48x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\car\rtl\smalltile.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\ko_get.svg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\8041_24x24x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxmailmediumtile.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\back-arrow-hover.svg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\_resources\6.rsrc svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenotesectiongroupwidetile.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\images\printandshare\glyph_0xe805.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\app\dev\nls\sl-si\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowspowershell\modules\pester\3.4.0\functions\mock.tests.ps1 svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\apptiles\mapsstorelogo.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\resources.pri svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxa-generic-dark.scale-300.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\add-account\js\nls\fr-ma\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\office\smooth.scale-100.png svchost.exe File created C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_x64__8wekyb3d8bbwe\assets\fonts\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxmailmediumtile.scale-400.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\resource\cmap\identity-v svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\core\locale\core_ja.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\appxsignature.p7x svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\createpdfupsell-app\js\nls\nl-nl\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.e4.ui.services_1.1.0.v20140328-1925.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\contrast-white\apppackagestorelogo.scale-125_contrast-white.png svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\place\ltr\contrast-white\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\add-account\images\new_icons.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\office\booleansubtract.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftstickynotes_1.4.101.0_x64__8wekyb3d8bbwe\assets\square44x44logo.targetsize-24_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\exchangewidetile.scale-150.png svchost.exe File created C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\xboxapp.model\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\contrast-black\oneconnectlargetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\large\sleepy.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\alarmsapplist.contrast-black_targetsize-16.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxcalendarapplist.scale-125.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\digsig\js\nls\da-dk\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\7813_20x20x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\voicerecorderapplist.contrast-black_targetsize-32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\images\stickers\thumbnails\sticker_icon_mouseear.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorapplist.targetsize-30_altform-unplated_contrast-white.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\win8-scrollbar\arrow-up-pressed.gif svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\icons\date-span-16.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\images\stickers\thumbnails\sticker_icon_moustache.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenoteapplist.targetsize-80_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\aq_60x42.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.equinox.p2.rcp.feature_1.2.0.v20140523-0116\meta-inf\eclipse_.sf svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_neutral_split.scale-200_8wekyb3d8bbwe\assets\getstartedmedtile.scale-200_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\howtoplay\dailychallenges\tile6.png svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\home\contrast-white\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\contrast-white\largelogo.scale-100_contrast-white.png svchost.exe File opened for modification C:\program files (x86)\common files\adobe\reader\dc\linguistics\providers\plugins2\adobehunspellplugin\dictionaries\en_gb\readme.txt svchost.exe File opened for modification C:\program files\java\jre1.8.0_66\lib\images\cursors\win32_copynodrop32x32.gif svchost.exe File created C:\program files\videolan\vlc\locale\fi\lc_messages\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\home\js\nls\fi-fi\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\si_60x42.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\jre\lib\jfr\profile.jfc svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_x64__8wekyb3d8bbwe\assets\peopleapplist.targetsize-64.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\ck_60x42.png svchost.exe File opened for modification C:\program files (x86)\google\chrome\application\81.0.4044.129\locales\bn.pak svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\contrast-black\apppackagebadgelogo.scale-125_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\car\rtl\contrast-black\medtile.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\ob-preview\js\nls\nl-nl\ui-strings.js svchost.exe File created C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\fonts\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.jface.text.nl_zh_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\attribution\weather_trends.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\contrast-black\apppackagebadgelogo.scale-100_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\surfaceprofiles\canvas_flat_512x512.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\assets\skypeapplist.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\1937_20x20x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\exchangebadge.scale-400.png svchost.exe File opened for modification C:\program files (x86)\common files\microsoft shared\ink\en-us\mshwlatin.dll.mui svchost.exe File created C:\program files (x86)\common files\microsoft shared\vsto\10.0\1033\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\assets\getstartedapplist.targetsize-64_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\6124_32x32x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\apptiles\mapsapplist.targetsize-256.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\libs\require\2.1.15\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer\js\nls\sl-sl\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\signatures\js\nls\sl-si\ui-strings.js svchost.exe File created C:\program files (x86)\common files\java\java update\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-sampler_zh_cn.jar svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\stopwatchlargetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_x64__8wekyb3d8bbwe\tee\fr-fr.phonenumber.sms.ot svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\ie_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\outlookmaillargetile.scale-150.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\acroapp\enu\edit_r_exp_rhp.aapp svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sample-files\js\nls\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.rcp_4.3.100.v20141007-2301.jar svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sample-files\js\nls\root\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\fileicons\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\assets\icons\cammdl2.ttf svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\common files\adobe\reader\dc\linguistics\languagenames2\displaylanguagenames.en_us_posix.txt svchost.exe File created C:\program files\windowsapps\deletedalluserpackages\microsoft.zunemusic_10.16112.11621.0_neutral_resources.scale-200_8wekyb3d8bbwe\assets\contrast-white\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\images\dd_arrow_small.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\contrast-black\apppackagelargetile.scale-200_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\7989_24x24x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\stopwatchmedtile.contrast-white_scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\editpdf\js\nls\ro-ro\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\js\nls\pl-pl\ui-strings.js svchost.exe File opened for modification C:\program files\7-zip\lang\da.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\assets\getstartedapplist.targetsize-36_altform-unplated_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\8498_24x24x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\linkedinboxwidetile.scale-150.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\files\dev\nls\da-dk\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\signatures\js\nls\root\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\js\nls\eu-es\ui-strings.js svchost.exe File created C:\program files\java\jdk1.8.0_66\jre\lib\security\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\car\ltr\contrast-white\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\jumbo\jumbo_1h.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftstickynotes_1.4.101.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\wide310x150logo.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contactphoto.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\win8-scrollbar\themes\dark\arrow-left-pressed.gif svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\resource\typesupport\unicode\mappings\mac\ukraine.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weathericons\30x30\9.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\buttons\deal\new-deal-press.mobile.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themecreation\jumbodeck4.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\contrast-white\applist.targetsize-24_altform-unplated_contrast-white.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer-select\js\nls\en-il\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\microsoft.net\redistlist\assemblylist_4_extended.xml svchost.exe File opened for modification C:\program files\java\jre1.8.0_66\lib\ext\access-bridge-64.jar svchost.exe File opened for modification C:\program files\videolan\vlc\lua\http\js\jquery.jstree.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\assets\questfallback.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\car\rtl\contrast-black\smalltile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\contrast-black\applist.targetsize-48_contrast-black.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\exportpdfupsell-app\images\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\5311_48x48x32.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\acrocef\cef_200_percent.pak svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenotenotebooksmalltile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\gh_60x42.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-files\js\nls\cs-cz\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\signatures\js\nls\nl-nl\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\prodbig.gif svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\offsymb.ttf svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\winxpolive.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenotesectiongroupsmalltile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\photosapplist.contrast-white_scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\assets\insiderhubapplist.targetsize-20_altform-unplated_contrast-black.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\js\nls\hr-hr\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\aicuc\images\themes\dark\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_neutral_split.scale-180_8wekyb3d8bbwe\assets\office\stickyselection.scale-180.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\appxmetadata\codeintegrity.cat svchost.exe File opened for modification C:\program files\videolan\vlc\lua\intf\modules\host.luac svchost.exe File created C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\place\ltr\contrast-black\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\classic\mask\13s.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\jumbo\mask\13h.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxcalendarapplist.scale-400.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\tracker\turnoffnotificationintray.gif svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\combinepdf\js\nls\ko-kr\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\desktop-connector-files\js\nls\pl-pl\ui-strings.js svchost.exe File created C:\program files\windowsapps\deletedalluserpackages\microsoft.zunemusic_10.16112.11621.0_neutral_resources.scale-200_8wekyb3d8bbwe\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\je_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\lumia.viewerplugin\assets\iconopeninrefocus.contrast-high_scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenotesectiongrouplargetile.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\microsoft.advertising\ormma.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoft3dviewer_1.1702.21039.0_x64__8wekyb3d8bbwe\assets\images\tiles\square310x310logo.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenotepagelargetile.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\ml_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\car\ltr\contrast-white\smalltile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\appxmanifest.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\5372_20x20x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\contrast-black\applist.targetsize-20_altform-unplated_contrast-black.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\versions\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\genericmailsmalltile.scale-150.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\add-account\images\icons_retina.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.e4.ui.css.swt.theme_0.9.300.v20140424-2042.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\tournament\strike.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\resources\retaildemo\data\en-us\3.jpg svchost.exe File opened for modification C:\program files\java\jre1.8.0_66\license svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowssoundrecorder_10.1702.301.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\voicerecorderapplist.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\it_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\images\ratings\yelp7.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\find-text.png svchost.exe File created C:\program files\videolan\vlc\locale\eu\lc_messages\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\2_40x40x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\lb_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxgameoverlay_1.15.2003.0_neutral_split.scale-100_8wekyb3d8bbwe\appxmanifest.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\playlistmediumtile.scale-100.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\js\nls\eu-es\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\videolan\vlc\locale\nn\lc_messages\vlc.mo svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\contrast-white\apppackagebadgelogo.scale-200_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\assets\getstartedapplist.targetsize-24_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\3416_40x40x32.png svchost.exe File created C:\program files (x86)\google\chrome\application\81.0.4044.129\installer\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\wf_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\ca_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorapplist.targetsize-64_altform-unplated_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\10290_32x32x32.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\files\dev\nls\ca-es\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\js\nls\it-it\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\livetiles\microsoftsolitairewidetile.scale-100.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\beach\mask\12s.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\logos\splashscreen\paintsplashscreen.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxa-exchange.scale-250.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-recent-files\js\nls\de-de\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\localized_images\es-es\appstore_icon.svg svchost.exe File opened for modification C:\program files\disconnectgroup.jfif svchost.exe File opened for modification C:\program files\java\jre1.8.0_66\lib\fontconfig.bfc svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowscalculator_10.1702.312.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\calculatorsplashscreen.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\alarmsapplist.contrast-black_targetsize-96_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themecreation\default1.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\outlookmailbadge.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\assets\insiderhubapplist.targetsize-48.png svchost.exe File opened for modification C:\program files\windowspowershell\modules\pester\3.4.0\functions\testsrunningincleanrunspace.tests.ps1 svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\ob-preview\images\themeless\media_poster.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\sampleheader\xbox.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\jre\lib\images\cursors\win32_copynodrop32x32.gif svchost.exe File created C:\program files\windowsapps\deletedalluserpackages\microsoft.windows.photos_16.511.8780.0_neutral_split.scale-125_8wekyb3d8bbwe\lumia.viewerplugin\assets\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowsapps\microsoft.microsoftofficehub_2017.311.255.0_neutral_~_8wekyb3d8bbwe\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\alarmssmalltile.contrast-white_scale-100.png svchost.exe File opened for modification C:\program files\windowspowershell\modules\pester\3.4.0\snippets\shouldnotcontain.snippets.ps1xml svchost.exe File opened for modification C:\program files\java\jre1.8.0_66\lib\ext\sunjce_provider.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenotesectiongrouplargetile.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\s_filter-down_32.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\images\themeless\appstore\download_on_the_app_store_badge_pt_135x40.svg svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\place\rtl\contrast-black\medtile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weatherimages\423x173\46.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\large\rofl.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\howtoplay\klondike\tips_2.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\microsoft.system.package.metadata\resources.4919d9c8.pri svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\6124_48x48x32.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\pages-app\images\rhp_world_icon_hover_2x.png svchost.exe File opened for modification C:\program files (x86)\google\chrome\application\81.0.4044.129\visualelements\smalllogobeta.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\com.jrockit.mc.rjmx.syntheticattribute.exsd svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.starclub\assets\sounds\starsflying_d.wav svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\assets\photoslogoextensions.targetsize-64.png svchost.exe File created C:\program files\windowsapps\microsoft.windowscommunicationsapps_2015.7906.42257.0_neutral_~_8wekyb3d8bbwe\appxmetadata\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\assets\insiderhubmedtile.scale-200.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\js\nls\sv-se\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.forms_3.6.100.v20140422-1825.jar svchost.exe File opened for modification C:\program files\java\jre1.8.0_66\lib\deploy\ffjcext.zip svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-recent-files\js\nls\ro-ro\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\debugswitch.mp4 svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\contrast-white\applist.targetsize-80_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\8201_20x20x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxcalendarmediumtile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxmailapplist.targetsize-48_altform-unplated.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\over-arrow-navigation.svg svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\car\ltr\contrast-white\widetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\logos\storelogo\paintapplist.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_x64__8wekyb3d8bbwe\assets\oneconnectapplist.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\contrast-white\peoplesplashscreen.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxmailsplashlogo.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxidentityprovider_11.19.19003.0_x64__8wekyb3d8bbwe\appxblockmap.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxcalendarsmalltile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_neutral_split.scale-140_8wekyb3d8bbwe\assets\office\scale.scale-140.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_x64__8wekyb3d8bbwe\tee\en-gb.calendar.ot svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\small\bartlett.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\linkedinboxsmalltile.scale-400.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\core\dev\nls\fr-ma\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\ipsplk.xml svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.skypeapp_11.8.204.0_neutral_split.scale-125_kzf8qxf38zg5c\resources.pri svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowssoundrecorder_10.1702.301.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\voicerecorderapplist.contrast-black_scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\alarmswidetile.scale-200.png svchost.exe File opened for modification C:\program files (x86)\msbuild\microsoft\windows workflow foundation\v3.5\workflow.visualbasic.targets svchost.exe File created C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_x64__8wekyb3d8bbwe\microsoft.system.package.metadata\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\images\printandshare\glyph_0xe7d6.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\place\widetile.scale-200.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\createpdfupsell-app\js\nls\fr-ma\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\images\themeless\playstore\no_get.svg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxcalendarlargetile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_neutral_split.scale-150_8wekyb3d8bbwe\assets\toast.dualsim1.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\1249_36x36x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\alarmsapplist.contrast-white_targetsize-24.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.swt.nl_zh_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\mozilla firefox\defaults\pref\channel-prefs.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\appxblockmap.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\contrast-black\apppackageapplist.targetsize-24_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\sj_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxcalendarsmalltile.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxcalendarapplist.targetsize-96_altform-unplated.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\unified-share\js\nls\tr-tr\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\linkedinboxmediumtile.scale-400.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\acroapp\enu\home.aapp svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\app-center\js\nls\hr-hr\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\combinepdf\js\nls\ja-jp\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\videolan\vlc\locale\te\lc_messages\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\app\dev\nls\ja-jp\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\add-account\js\nls\tr-tr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\reviews\js\nls\sl-si\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\search-summary\js\nls\ro-ro\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_neutral_resources.scale-150_8wekyb3d8bbwe\assets\movie-tvstorelogo.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\collections\medtile.scale-125.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\plug_ins\multimedia\mpp\mcimpp.mpp svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenotenotebookwidetile.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\ob-preview\js\plugin.js svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowscalculator_10.1702.312.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\calculatorwidetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\am_60x42.png svchost.exe File created C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\contrast\contrast-black\builderlogo.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\contrast-white\peoplemedtile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\qa_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\models\email.ot svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\traffichub\contrast-white\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\createpdfupsell-app\images\rhp_world_icon_2x.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsfeedbackhub_1.1612.10312.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\insiderhubapplist.scale-125.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.osgi.compatibility.state.nl_ja_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\awards\pyramid\careful_excavation_.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themepreview\cardbacks\cardback1.png svchost.exe File created C:\program files\windowsapps\microsoft.people_10.1.10531.0_x64__8wekyb3d8bbwe\appxmetadata\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorapplist.contrast-white_targetsize-72.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\insiderhubsplashsquaretile.scale-100_contrast-white.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-files\js\nls\da-dk\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\js\nls\ko-kr\ui-strings.js svchost.exe File created C:\program files (x86)\common files\microsoft shared\stationery\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\place\ltr\largetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoft3dviewer_1.1702.21039.0_x64__8wekyb3d8bbwe\assets\images\tiles\square44x44logo.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\8794_32x32x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\genericmailwidetile.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\assets\darkgray.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\assets\insiderhublargetile.scale-200.png svchost.exe File opened for modification C:\program files (x86)\common files\microsoft shared\stationery\soft blue.htm svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.skypeapp_11.8.204.0_neutral_split.scale-125_kzf8qxf38zg5c\skypeapp\assets\skype_titlebar_logo.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\embossbitmaps\heart.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_neutral_split.scale-150_8wekyb3d8bbwe\appxmanifest.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themedownload\download_bar.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\10290_24x24x32.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\legal\enu\license.html svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\theme.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\reviews\js\nls\es-es\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\assertshow.rtf svchost.exe File opened for modification C:\program files\common files\microsoft shared\clicktorun\i640.hash svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\8268_40x40x32.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-recent-files\js\nls\da-dk\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\unified-share\images\themes\dark\close2x.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.equinox.p2.core.feature_1.3.0.v20140523-0116\license.html svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\js\nls\fr-fr\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\videolan\vlc\locale\vi\lc_messages\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\3mf.ico svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\jumbo\jumbo_cardback.png svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\car\ltr\contrast-black\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\exportpdfupsell-app\js\nls\sl-si\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\localized_images\fr-fr\playstore_icon.svg svchost.exe File opened for modification C:\program files (x86)\reference assemblies\microsoft\framework\v3.0\redistlist\frameworklist.xml svchost.exe File created C:\program files (x86)\windows defender\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windows.photos_16.511.8780.0_neutral_split.scale-125_8wekyb3d8bbwe\lumia.viewerplugin\assets\iconopeninrefocus.scale-125.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\editpdf\js\nls\ca-es\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weathericons\30x30\55.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\howtoplay\dailychallenges\tile4_diamond.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_x64__8wekyb3d8bbwe\assets\starttile.dualsim1.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenoteapplist.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\sv_16x11.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\activity-badge\js\nls\ca-es\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\signatures\js\nls\root\ui-strings.js svchost.exe File created C:\program files (x86)\google\chrome\application\setupmetrics\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.director.app_1.0.300.v20140228-1829.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\alarmsstorelogo.scale-200.png svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\place\rtl\contrast-black\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-white\mapsapplist.targetsize-80.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\desktop-connector-files\js\nls\sv-se\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer-select\js\nls\hr-hr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-host-remote.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\assets\getstartedapplist.targetsize-36_altform-unplated_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\cz_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\genericmailbadge.scale-400.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sample-files\js\nls\fr-ma\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_neutral_~_8wekyb3d8bbwe\appxmetadata\appxbundlemanifest.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.wallet_1.0.16328.0_x64__8wekyb3d8bbwe\images\walletlockscreenlogo.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\ni_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\traffichub\contrast-white\smalltile.scale-100.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\js\nls\nl-nl\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\beach\mask\cardback.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorapplist.targetsize-60_altform-fullcolor.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\8498_48x48x32.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\s_signed_out.svg svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\car\rtl\contrast-white\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\js\nls\ja-jp\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sign-services-auth\js\nls\nb-no\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-netbeans-api-visual.xml svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\profiler\update_tracking\org-netbeans-modules-profiler-snaptracer.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\small\rofl.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contactphoto.scale-140.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\voicerecorderlargetile.contrast-black_scale-100.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\digsig\css\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\close_dark.svg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_neutral_split.scale-150_8wekyb3d8bbwe\assets\starttile.dualsim2.wink.small.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\contrast-white\applist.targetsize-30_altform-unplated_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenotesectionlargetile.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\images\layerscontrol\road.png svchost.exe File created C:\program files\windowsapps\microsoft.xboxspeechtotextoverlay_1.14.2002.0_x64__8wekyb3d8bbwe\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sign-services-auth\js\nls\de-de\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenotepagesmalltile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\place\ltr\contrast-white\largetile.scale-200.png svchost.exe File created C:\program files\windowspowershell\modules\pester\3.4.0\examples\validator\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\ob-preview\js\nls\ca-es\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\1725_24x24x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\3009_40x40x32.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\home\js\nls\root\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\images\themeless\appstore\download_on_the_app_store_badge_zh_tw_135x40.svg svchost.exe File opened for modification C:\program files (x86)\google\chrome\application\81.0.4044.129\locales\kn.pak svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\oneconnectapplist.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\ms_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\stopwatchwidetile.contrast-white_scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\s_filterselected-dark-default_32.svg svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\combinepdf\css\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.reconciler.dropins.nl_zh_4.4.0.v20140623020002.jar svchost.exe File created C:\program files\windowsapps\microsoft.advertising.xaml_10.0.1605.0_x64__8wekyb3d8bbwe\appxmetadata\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\assets\getstartedapplist.targetsize-48_altform-unplated.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\app\dev\nls\de-de\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sample-files\js\nls\it-it\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\uss-search\js\nls\pt-br\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\license.html svchost.exe File opened for modification C:\program files (x86)\google\chrome\application\81.0.4044.129\locales\hi.pak svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\small\punch.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\assets\photosapplist.targetsize-64.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\s_sortedby_up_selected_18.svg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftstickynotes_1.4.101.0_x64__8wekyb3d8bbwe\microsoft.notes.upgrade.winmd svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_neutral_~_8wekyb3d8bbwe\appxblockmap.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\work\rtl\medtile.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\app-center\js\nls\hu-hu\ui-strings.js svchost.exe File created C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\car\ltr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer\js\nls\tr-tr\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\windowspowershell\modules\pester\3.4.0\functions\assertions\beoftype.tests.ps1 svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\ipscat.xml svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.rcp_4.4.0.v20141007-2301\epl-v10.html svchost.exe File created C:\program files\videolan\vlc\locale\tl\lc_messages\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\complete.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxgameoverlay_1.15.2003.0_x64__8wekyb3d8bbwe\assets\gamesxboxhublargetile.scale-200.png svchost.exe File opened for modification C:\program files\windowspowershell\modules\microsoft.powershell.operation.validation\1.0.1\test\microsoft.powershell.operation.validation.tests.ps1 svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-netbeans-bootstrap.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\manifestassets\contrast-white\icon.targetsize-256.png svchost.exe File created C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\microsoft.net\primary interop assemblies\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\thirdpartylicensereadme.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\sa-jdi.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\8577_20x20x32.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\tracker\reviews_super.gif svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\files\dev\nls\sk-sk\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowscamera_2017.125.40.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\windowsicons\windowscameramedtile.contrast-black_scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\awards\challenge\gimme_five_unearned_small.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\976_32x32x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\apptiles\mapssplashscreen.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weathericons\30x30\183.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\contrast-white\apppackagelargetile.scale-125_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\3009_24x24x32.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\a12_spinner_2x.gif svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\unified-share\js\nls\sl-si\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\windowspowershell\modules\pester\3.4.0\functions\assertions\test-assertion.ps1 svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\fsdefinitions\osknav\osknavbase.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenotenotebooksmalltile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\fileextension.targetsize-24.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sign-services-auth\js\nls\en-ae\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sign-services-auth\js\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenoteapplist.targetsize-24.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\small\surprised.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\car\ltr\smalltile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.874.0_neutral_~_8wekyb3d8bbwe\appxmetadata\appxbundlemanifest.xml svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\combinepdf\js\nls\zh-tw\ui-strings.js svchost.exe File opened for modification C:\program files\java\jre1.8.0_66\lib\accessibility.properties svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weatherimages\210x173\13.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\assets\getstartedapplist.targetsize-40_contrast-white.png svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\tournament\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\bh_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\649_24x24x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxa-yahoo-light.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\assets\insiderhubapplist.targetsize-24.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\images\printandshare\glyph_0xe7cf.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\comment.svg svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\exportpdfupsell-app\js\nls\fr-fr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\gameplayassets\pyramid\pyramidassets.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftstickynotes_1.4.101.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\lockscreenlogo.scale-100.png svchost.exe File created C:\program files (x86)\common files\system\ole db\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\google\chrome\application\81.0.4044.129\locales\lv.pak svchost.exe File opened for modification C:\program files (x86)\common files\system\msadc\adcvbs.inc svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weatherimages\210x173\19.jpg svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\digsig\js\nls\pt-br\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\viewer\nls\fr-fr\ui-strings.js svchost.exe File created C:\program files\common files\microsoft shared\ink\fsdefinitions\auxpad\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\livetiles\microsoftsolitairewidetile.scale-125.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\tournament\centerbackground.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\ps_16x11.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\digsig\js\nls\tr-tr\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer-select\js\nls\pl-pl\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\5311_24x24x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\cv_16x11.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\createpdfupsell-app\images\rhp_world_icon.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\home\js\nls\da-dk\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.zunevideo_10.16112.11601.0_neutral_resources.scale-125_8wekyb3d8bbwe\assets\contrast-white\splashscreen.scale-125_contrast-white.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-swing-outline_ja.jar svchost.exe File created C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\car\rtl\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\aquarium\aquarium_11d.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\4632_48x48x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\nf_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorapplist.targetsize-16_altform-unplated_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxcalendarmediumtile.scale-400.png svchost.exe File created C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_neutral_resources.scale-150_8wekyb3d8bbwe\assets\contrast-white\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\createpdfupsell-app\js\plugins\rhp\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\img\tools\circle.cur svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer\images\themes\dark\illustrations_retina.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\pl_get.svg svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\uss-search\js\nls\ru-ru\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\el-gr\tipresx.dll.mui svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_neutral_split.scale-100_8wekyb3d8bbwe\appxsignature.p7x svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\alarmslargetile.contrast-black_scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-files\images\icons_retina.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\walk-through\css\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\resource\typesupport\unicode\mappings\mac\corpchar.txt svchost.exe File opened for modification C:\program files (x86)\google\chrome\application\chrome.visualelementsmanifest.xml svchost.exe File opened for modification C:\program files (x86)\windows media player\en-us\wmlaunch.exe.mui svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.zunevideo_10.16112.11601.0_neutral_resources.scale-125_8wekyb3d8bbwe\assets\contrast-black\widelogo.scale-125_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\howtoplay\spider\goal_3.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\howtoplay\starclub\help_3_2.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\western\western_13h.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\apptiles\mapsmedtile.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\pdf-ownership-variant2-2x.gif svchost.exe File opened for modification C:\program files (x86)\google\chrome\application\81.0.4044.129\locales\vi.pak svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\howtoplay\klondike\tips_6.jpg svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\add-account\js\nls\ca-es\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\digsig\js\nls\ro-ro\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowscamera_2017.125.40.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\windowsicons\windowscamerawidetile.contrast-white_scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_neutral_split.scale-100_8wekyb3d8bbwe\appxmanifest.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.dailychallenges\assets\prizehistory\badges_none.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\assets\navigationicons\nav_icons_gamedvr.targetsize-48.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\app-center\js\nls\sl-si\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\common files\system\ado\en-us\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\manifestassets\square71x71logo.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_x64__8wekyb3d8bbwe\tee\en-gb.phonenumber.sms.model svchost.exe File opened for modification C:\program files\windowspowershell\modules\pester\3.4.0\functions\assertions\begreaterthan.tests.ps1 svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\init.js svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\en-us\boxed-split.avi svchost.exe File opened for modification C:\program files\java\jre1.8.0_66\bin\server\classes.jsa svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\bw_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\assets\getstartedmedtile.scale-100_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\voicerecorderapplist.contrast-white_targetsize-30_altform-unplated.png svchost.exe File opened for modification C:\program files\videolan\vlc\locale\tr\lc_messages\vlc.mo svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\bg_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\exchangemediumtile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\car\ltr\smalltile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.skypeapp_11.8.204.0_neutral_split.scale-125_kzf8qxf38zg5c\skypeapp\assets\skypemedtile.scale-125_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\catalog\shape_cube.3mf svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\animations\onenotefre_clipandadd_ltr_phone.mp4 svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorstorelogo.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\pt_get.svg svchost.exe File created C:\program files\videolan\vlc\locale\ms\lc_messages\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\livetile\w5.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_x64__8wekyb3d8bbwe\tee\en-us.calendar.model svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenotepagelargetile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxcalendarapplist.targetsize-96.png svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\speech\en-us\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\ob-preview\js\nls\ca-es\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\manifestassets\contrast-white\splashscreen.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\autumn\mask\13c.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorapplist.targetsize-30_altform-colorize.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\place\ltr\contrast-black\smalltile.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\combinepdf\js\nls\it-it\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\editpdf\js\nls\hr-hr\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\genericmailsmalltile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\car\ltr\contrast-black\widetile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxidentityprovider_11.19.19003.0_x64__8wekyb3d8bbwe\appxmanifest.xml svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\core\dev\nls\root\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\download_on_the_app_store_badge_fr_135x40.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\task-handler\js\nls\root\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\western\mask\13s.png svchost.exe File opened for modification C:\program files\windowspowershell\modules\microsoft.powershell.operation.validation\1.0.1\diagnostics\comprehensive\comprehensive.tests.ps1 svchost.exe File opened for modification C:\program files (x86)\google\chrome\application\81.0.4044.129\locales\hr.pak svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\contrast-black\apppackageapplist.targetsize-60_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxmailsplashlogo.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\dailychallenges\icons\klondike.png svchost.exe File opened for modification C:\program files\windowspowershell\modules\pester\3.4.0\functions\it.ps1 svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\fullscreen-exit-hover.svg svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowscalculator_10.1702.312.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\calculatormedtile.scale-125.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sample-files\js\nls\nl-nl\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\windowspowershell\modules\pester\3.4.0\snippets\shouldnotcontain.snippets.ps1xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.starclub\assets\starclubtile.small.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.xaml.toolkit\assets\buttons\back\back-press.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\mainpage\mainpage_more_themes.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorapplist.targetsize-40.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\6918_40x40x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\work\contrast-black\widetile.scale-200.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-modules-javahelp_zh_cn.jar svchost.exe File created C:\program files\windows portable devices\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\apppackageapplist.targetsize-48_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorapplist.targetsize-48_altform-unplated_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\assets\windowsicons\windowscameraapplist.targetsize-72_altform-unplated.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.osgi.services.nl_ja_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\car\rtl\contrast-white\widetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\place\ltr\contrast-white\widetile.scale-125.png svchost.exe File created C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsstore_11701.1001.87.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\apptiles\contrast-white\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\apppackagewidetile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\autumn\autumn_11c.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\alarmssplashscreen.contrast-black_scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\file_types\aic_file_icons.png svchost.exe File created C:\program files\windowsapps\deletedalluserpackages\microsoft.xboxapp_25.25.13009.0_neutral_split.scale-125_8wekyb3d8bbwe\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowspowershell\modules\pester\3.4.0\functions\assertions\belessthan.ps1 svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\activity-badge\js\selector.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer-select\js\nls\ko-kr\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\dark\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowsapps\microsoft.office.onenote_2015.7668.58071.0_neutral_~_8wekyb3d8bbwe\appxmetadata\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\pa_16x11.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\uss-search\js\nls\it-it\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\5941_32x32x32.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.e4.core.commands.nl_zh_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\apptiles\contrast-black\weather_tilelargesquare.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxa-yahoo-light.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\images\printandshare\glyph_0xe7ce.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\microsoft.xbox.smartglass.controls\webbrowser.xaml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxspeechtotextoverlay_1.14.2002.0_neutral_split.scale-100_8wekyb3d8bbwe\appxmanifest.xml svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\browser\wcchromeextn\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\progress_spinner.gif svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\app\dev\nls\hu-hu\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\images\themeless\[email protected] svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\place\ltr\contrast-white\smalltile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\music_welcome_page1.jpg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\add-account\js\nls\ja-jp\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\js\nls\da-dk\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\pages-app\images\themes\dark\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\send-for-sign\js\nls\root\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\videolan\vlc\locale\ks_in\lc_messages\vlc.mo svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.dailychallenges\assets\prizehistory\awards_diamond.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\fues\popup_shadow_1_2bp.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftstickynotes_1.4.101.0_neutral_split.scale-100_8wekyb3d8bbwe\resources.pri svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\at_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\cc_60x42.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\js\nls\es-es\ui-strings.js svchost.exe File opened for modification C:\program files\videolan\vlc\documentation.url svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_x64__8wekyb3d8bbwe\assets\starttile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\alarmsapplist.contrast-black_targetsize-40.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer\js\nls\nl-nl\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\editvideoimage.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\send-for-sign\js\nls\sl-sl\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\js\nls\uk-ua\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\common files\microsoft shared\clicktorun\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\jre\lib\charsets.jar svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\org-openide-dialogs.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\loadicon_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\10911_24x24x32.png svchost.exe File created C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\appxmetadata\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxspeechtotextoverlay_1.14.2002.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\gamesxboxhubsmalltile.scale-100.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\js\nls\hr-hr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowssoundrecorder_10.1702.301.0_neutral_split.scale-200_8wekyb3d8bbwe\assets\voicerecordersplashscreen.contrast-black_scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\home\contrast-white\medtile.scale-200.png svchost.exe File created C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\xboxapp.ui\resources\images\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\unified-share\images\s_close_h.png svchost.exe File opened for modification C:\program files\videolan\vlc\lua\intf\dummy.luac svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weatherimages\423x173\19.jpg svchost.exe File created C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\resources\topicpage\images\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_neutral_split.scale-150_8wekyb3d8bbwe\assets\square71x71logo.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\awards\common\classic_speed_run_.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\combinepdf\js\nls\nb-no\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\search-summary\js\nls\fr-ma\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\car\ltr\contrast-white\medtile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\2653_24x24x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\re_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\images\stickers\sticker_ninjacat.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxa-google.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxcalendarapplist.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxmailapplist.targetsize-40_altform-unplated.png svchost.exe File created C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\ms.entertainment.common\resources\fonts\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\activity-badge\js\nls\he-il\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-netbeans-api-progress.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenoteapplist.targetsize-48.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\close2x.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\app\dev\nls\nb-no\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.extensionlocation.nl_zh_4.4.0.v20140623020002.jar svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\fireworks\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\images\ratings\yelp8.scale-100.png svchost.exe File opened for modification C:\program files\windowspowershell\modules\pester\3.4.0\snippets\shouldnotthrow.snippets.ps1xml svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\tracker\review_same_reviewers.gif svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\app-center\js\nls\it-it\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\walk-through\images\themeless\s_thumbupoutline_22_n.svg svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.engine.nl_ja_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-coredump.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\buttons\deal\new-deal-over.mobile.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorapplist.targetsize-72_altform-unplated_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\assets\apptiles\storeapplist.targetsize-96_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\contrast-black\applist.targetsize-16_altform-unplated_contrast-black.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.intro.nl_zh_4.4.0.v20140623020002.jar svchost.exe File created C:\program files\videolan\vlc\locale\kk\lc_messages\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themepreview\backgrounds\aquarium.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\8196_48x48x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_x64__8wekyb3d8bbwe\assets\peoplemedtile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorsmalltile.contrast-black_scale-200.png svchost.exe File opened for modification C:\program files\windowspowershell\modules\pester\3.4.0\functions\testresults.ps1 svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer\images\themes\dark\illustrations.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\autumn\autumn_13h.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\western\mask\1s.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\images\themeless\check-mark-1x.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\assets\getstartedsmalltile.scale-100_contrast-white.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sign-services-auth\js\nls\root\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\meta-inf\manifest.mf svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\kb-unlocked.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\files\dev\nls\root\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer\js\nls\hr-hr\ui-strings.js svchost.exe File created C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\assets\audio\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxcalendarlargetile.scale-400.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sample-files\js\nls\en-il\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\mozilla firefox\updater.ini svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\1249_48x48x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\calculatorsplashscreen.contrast-black_scale-100.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\core\dev\nls\es-es\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\createpdfupsell-app\js\nls\tr-tr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\task-handler\images\example_icons2x.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.e4.rcp_1.3.100.v20141007-2033\feature.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxa-outlook.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxa-generic-light.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\s_invite_18.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\localized_images\es-es\playstore_icon.svg svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\task-handler\js\nls\ja-jp\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\java\jdk1.8.0_66\lib\missioncontrol\p2\org.eclipse.equinox.p2.core\cache\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\assets\getstartedapplist.targetsize-80_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenoteapplist.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxa-advanced-dark.scale-125.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\files\dev\nls\cs-cz\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\voicerecorderapplist.contrast-white_targetsize-96.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\assets\audio\skype_call_ended.m4a svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\gb_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\resources.pri svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-selector-ui_zh_cn.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\large\giggle.png svchost.exe File opened for modification C:\program files\windowspowershell\modules\pester\3.4.0\en-us\about_should.help.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer\images\themes\dark\new_icons.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\localized_images\nb-no\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\ipsita.xml svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\acroapp\enu\scan_r_rhp.aapp svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\aquarium\aquarium_11h.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxmailsmalltile.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\images\printandshare\glyph_0xe7d0.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\reviews\images\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\send-for-sign\images\close.svg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\western\western_cardback.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\7656_40x40x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\ai_60x42.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\activity-badge\js\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\download_on_the_app_store_badge_zh_cn_135x40.svg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\awards\challenge\came_to_win_unearned_small.png svchost.exe File opened for modification C:\program files\common files\microsoft shared\clicktorun\appvclientisv.man svchost.exe File created C:\program files\common files\microsoft shared\ink\zh-cn\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxa-yahoo-dark.scale-250.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\runninglate.scale-80.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-recent-files\js\nls\fr-fr\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\videolan\vlc\locale\ckb\lc_messages\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_neutral_split.scale-180_8wekyb3d8bbwe\assets\office\ungroup.scale-180.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_x64__8wekyb3d8bbwe\tee\it-it.phonenumber.sms.ot svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\small\drunk.png svchost.exe File created C:\program files\windowsapps\microsoft.microsoftstickynotes_1.4.101.0_neutral_split.scale-100_8wekyb3d8bbwe\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxa-generic-dark.scale-250.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxa-advanced-light.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\assets\insiderhubapplist.targetsize-20.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\profiler\modules\locale\org-netbeans-lib-profiler-ui_zh_cn.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\1849_32x32x32.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\uss-search\js\nls\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-modules-spi-actions_ja.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\ch_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\place\rtl\contrast-white\medtile.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\s_closereview_18.svg svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-tools.jar svchost.exe File created C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\assets\getstartedapplist.targetsize-48_altform-unplated_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\do_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\5478_24x24x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\5601_24x24x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\ux\controls\xbox360purchasecontrol\xbox360purchasehostpage.html svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-recent-files\js\nls\hr-hr\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowsapps\deletedalluserpackages\microsoft.windows.photos_16.511.8780.0_neutral_split.scale-125_8wekyb3d8bbwe\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\7316_48x48x32.png svchost.exe File opened for modification C:\program files\windowspowershell\modules\pester\3.4.0\functions\assertions\exist.ps1 svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\editpdf\js\nls\sv-se\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.alert.ja_5.5.0.165303.jar svchost.exe File opened for modification C:\program files\java\jre1.8.0_66\lib\deploy\splash.gif svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\work\rtl\smalltile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\assets\skypeapplist.targetsize-48_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\lumia.viewerplugin\assets\iconopeninrefocus.scale-200.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\add-account\js\nls\sv-se\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\uss-search\js\nls\fi-fi\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_neutral_split.scale-100_8wekyb3d8bbwe\appxmanifest.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\af_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\ki_16x11.png svchost.exe File opened for modification C:\program files\7-zip\lang\sa.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-openide-nodes_ja.jar svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\worldclockmedtile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_neutral_split.scale-100_8wekyb3d8bbwe\lumia.viewerplugin\assets\iconopenincinemagraph.contrast-high_scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxcalendarapplist.targetsize-96_altform-unplated.png svchost.exe File created C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.equinox.p2.core.feature_1.3.0.v20140523-0116\meta-inf\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\assets\skypeapplist.targetsize-32_contrast-white.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\css\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\ipsdan.xml svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\profiler\update_tracking\org-netbeans-modules-profiler-selector-api.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\contrast-black\oneconnectmedtile.scale-125.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\desktop-connector-files-select\js\selector.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\resource\font\sy______.pfb svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themecreation\lobby_deck_style_beach.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\genericmailmediumtile.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxgameoverlay_1.15.2003.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\gamesxboxhubsmalltile.scale-100.png svchost.exe File opened for modification C:\program files (x86)\common files\system\msadc\en-us\msaddsr.dll.mui svchost.exe File opened for modification C:\program files\suspendsplit.htm svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\apptiles\contrast-black\weather_tilesmallsquare.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\exchangewidetile.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\collections\contrast-white\smalltile.scale-200_contrast-white.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sign-services-auth\js\nls\fi-fi\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\manifestassets\storelogo.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\contrast-black\peopleappstorelogo.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_neutral_split.scale-100_8wekyb3d8bbwe\appxblockmap.xml svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\unified-share\js\nls\pt-br\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\resource\font\courierstd-bold.otf svchost.exe File created C:\program files (x86)\windowspowershell\modules\microsoft.powershell.operation.validation\1.0.1\test\modules\example3.diagnostics\2.0.1\diagnostics\simple\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-modules-keyring-impl_ja.jar svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\profiler\update_tracking\org-netbeans-modules-profiler-api.xml svchost.exe File created C:\program files\videolan\vlc\locale\ja\lc_messages\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\2708_20x20x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\exchangebadge.scale-150.png svchost.exe File opened for modification C:\program files\videolan\vlc\locale\tet\lc_messages\vlc.mo svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorapplist.targetsize-60_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxcalendarapplist.targetsize-36_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\insiderhubsmalltile.scale-100_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\images\stickers\thumbnails\sticker_icon_flag.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\createpdfupsell-app\js\nls\uk-ua\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\dc-annotations\js\plugin.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\ob-preview\images\themeless\combine_poster.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\western\mask\13c.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\ve_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\assets\livetiles\avatar310x310.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\contrast-white\applist.targetsize-16_altform-unplated_contrast-white.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\js\nls\ko-kr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sign-services-auth\js\nls\nl-nl\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\appxmetadata\codeintegrity.cat svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\car\rtl\contrast-white\medtile.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer-select\js\nls\uk-ua\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\task-handler\js\nls\nb-no\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\common files\microsoft shared\stationery\softblue.jpg svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.jface.databinding.nl_zh_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowscalculator_10.1702.312.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\calculatorapplist.contrast-black_scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\ads_win10_300x250.scale-200.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\collections\contrast-white\medtile.scale-100_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsfeedbackhub_1.1612.10312.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\insiderhubmedtile.scale-125_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\content\desktop\en-gb\toc.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\images\ratings\yelp8.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\pages-app\js\nls\da-dk\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\uss-search\js\nls\nb-no\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\videolan\vlc\lua\playlist\youtube.luac svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\fues\popup_shadow_3.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\task-handler\js\nls\ui-strings.js svchost.exe File created C:\program files\videolan\vlc\locale\an\lc_messages\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenotepagelargetile.scale-100.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\send-for-sign\js\nls\sl-sl\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\org-netbeans-modules-autoupdate-services.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\beach\mask\1h.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\app\dev\nls\cs-cz\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\activity-badge\js\nls\fr-fr\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\pages-app\js\nls\fi-fi\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\stopwatchsmalltile.contrast-black_scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\uy_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\calculatorapplist.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-files\js\nls\sv-se\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\signatures\js\nls\es-es\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\images\stickers\thumbnails\sticker_icon_fur.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\mc_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\assets\insiderhubapplist.targetsize-32_contrast-white.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-api-search_ja.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\assets\photosapplist.targetsize-80_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxcalendarbadge.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\models\en-us.phonenumber.model svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\plugins.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\editpdf\js\nls\ko-kr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\javax.servlet_3.0.0.v201112011016.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\place\ltr\contrast-white\widetile.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\next-arrow-default.svg svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.browser.attach.ja_5.5.0.165303.jar svchost.exe File created C:\program files\microsoft office 15\clientx64\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\apppackageapplist.targetsize-80_altform-unplated.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\pages-app\js\nls\nb-no\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sign-services-auth\js\nls\pt-br\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\hm_60x42.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-modules-core-kit_zh_cn.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\manifestassets\contrast-white\square44x44logo.targetsize-256_altform-unplated.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sample-files\js\nls\hr-hr\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\jre\lib\ext\sunmscapi.jar svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\createpdfupsell-app\js\nls\zh-cn\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\js\nls\nl-nl\ui-strings.js svchost.exe File created C:\program files\videolan\vlc\lua\meta\art\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\large\tmi.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\assets\windowsicons\windowscameraapplist.targetsize-60_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\autumn\mask\1s.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\place\ltr\contrast-black\largetile.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\tracker\submission_history.gif svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\_resources\5.rsrc svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\logos\splashscreen\paintsplashscreen.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_neutral_split.scale-100_kzf8qxf38zg5c\resources.pri svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\small\smoking.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\plug_ins3d\prc\myriadcad.otf svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\contrast-white\apppackagelargetile.scale-200_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\buttons\giveup\giveup-over.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxa-generic-light.scale-200.png svchost.exe File opened for modification C:\program files\videolan\vlc\locale\br\lc_messages\vlc.mo svchost.exe File opened for modification C:\program files (x86)\google\chrome\application\81.0.4044.129\extensions\external_extensions.json svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-application-views.jar svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\work\rtl\contrast-white\medtile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\mainpage\mainpage_more_statistics.jpg svchost.exe File created C:\program files\windowsapps\microsoft.net.native.runtime.1.3_1.3.23901.0_x86__8wekyb3d8bbwe\appxmetadata\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\6478_20x20x32.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\pdf-ownership-rdr-ja_jp.gif svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\microsoft.system.package.metadata\s-1-5-21-1231583446-2617009595-2137880041-1000-mergedresources-0.pri svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\stopwatchsmalltile.contrast-black_scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxa-yahoo-light.scale-200.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\aicuc\js\nls\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\app-center\js\selector.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\images\stickers\sticker_bark.dxt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\assets\photosapplist.targetsize-40_altform-unplated_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\alarmsapplist.contrast-white_scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\combinepdf\js\nls\pl-pl\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\meta-inf\eclipse.inf svchost.exe File created C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\en-us\styles\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\assets\skypeassets-light.ttf svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\images\themes\dark\dd_arrow_small.png svchost.exe File created C:\program files\videolan\vlc\locale\hr\lc_messages\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\assets\skypeapplist.targetsize-256_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\large\lalala.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\js\nls\zh-cn\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jre1.8.0_66\lib\classlist svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\ye_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxcalendarapplist.targetsize-20_altform-unplated.png svchost.exe File opened for modification C:\program files\7-zip\lang\ku.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themepreview\effects\part.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxa-generic-dark.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\ob-preview\js\selector.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\lib\dsn.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxmailapplist.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\digsig\js\nls\ca-es\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\editpdf\js\nls\en-il\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\unified-share\js\nls\fr-fr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\visualvm\core\locale\com-sun-tools-visualvm-modules-startup_ja.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\4632_40x40x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\large\emo.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorapplist.targetsize-24_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\home\ltr\contrast-black\medtile.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\a12_spinner_int_2x.gif svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\reviews\js\nls\ro-ro\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sample-files\js\nls\en-ae\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\msbuild\microsoft\windows workflow foundation\v3.0\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\db\lib\derbylocale_hu.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_x64__8wekyb3d8bbwe\microsoft.people.controls.winmd svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\dailychallenges\largeklondiketile.jpg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\file_types\editpdf.svg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-black\storeapplist.targetsize-30.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\winsdkfb\images\fb_blank_profile_portrait.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxa-exchange.scale-125.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\img\tools\themes\dark\circle.cur svchost.exe File created C:\program files\videolan\vlc\locale\hy\lc_messages\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\beach\mask\11c.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenotenotebookmedtile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\microsoftaccount.scale-140.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowscamera_2017.125.40.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\windowsicons\windowscamerawidetile.contrast-black_scale-125.png svchost.exe File created C:\program files\windowsapps\microsoft.people_10.1.10531.0_x64__8wekyb3d8bbwe\assets\contrast-white\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\assets\photoswidetile.contrast-black_scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\2875_32x32x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\exchangemediumtile.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxgameoverlay_1.15.2003.0_neutral_~_8wekyb3d8bbwe\appxblockmap.xml svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\bookbig.gif svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-modules-appui.jar svchost.exe File opened for modification C:\program files\videolan\vlc\locale\ia\lc_messages\vlc.mo svchost.exe File created C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_neutral_split.scale-200_8wekyb3d8bbwe\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\7205_40x40x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxmailapplist.targetsize-16.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\reviews\images\sat_logo.png svchost.exe File created C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\place\rtl\contrast-white\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxmailapplist.targetsize-32_altform-unplated.png svchost.exe File opened for modification C:\program files\7-zip\lang\gl.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\apptiles\weather_logosmall.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\add-account\js\nls\fr-ma\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsfeedbackhub_1.1612.10312.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\insiderhublargetile.scale-125_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenotepagelargetile.scale-150.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\file_types\themes\dark\cloud_icon.png svchost.exe File created C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\appxmetadata\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\awards\common\flipping_out_unearned_small.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themepreview\themes\beach.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\home\rtl\contrast-black\medtile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\car\ltr\contrast-white\medtile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\resources\topicpage\core.css svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\fues\upsell_image.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\contrast-black\oneconnectmedtile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\small\sadsmile.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\digsig\images\themes\dark\digsig_icons_2x.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\resources.pri svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\af_get.svg svchost.exe File opened for modification C:\program files (x86)\windowspowershell\modules\pester\3.4.0\functions\mock.tests.ps1 svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\gb_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\assets\sounds\camcorder_start_5.wav svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\apple-touch-icon-144x144-precomposed.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxa-yahoo-dark.scale-250.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.rjmx.ui_5.5.0.165303.jar svchost.exe File opened for modification C:\program files\java\jre1.8.0_66\lib\tzdb.dat svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\apptiles\contrast-black\mapslargetile.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\back-arrow-disabled.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\exportpdfupsell-app\images\themes\dark\rhp_world_icon.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\1851_32x32x32.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\meta-inf\eclipse_.rsa svchost.exe File opened for modification C:\program files\videolan\vlc\locale\ro\lc_messages\vlc.mo svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\linkedinboxbadge.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\appxmetadata\codeintegrity.cat svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\files\dev\nls\ru-ru\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\java\jdk1.8.0_66\lib\visualvm\profiler\modules\locale\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-sa_zh_cn.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\worldclockwidetile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\assets\insiderhubapplist.targetsize-24_altform-unplated_contrast-white.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\click on 'change' to select default pdf handler.pdf svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\images\themeless\playstore\ar_get.svg svchost.exe File opened for modification C:\program files (x86)\windows media player\en-us\wmpnssui.dll.mui svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\dismiss.scale-64.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\home\js\plugin.js svchost.exe File opened for modification C:\program files (x86)\windowspowershell\modules\pester\3.4.0\functions\assertions\exist.tests.ps1 svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_x64__8wekyb3d8bbwe\assets\contrast-black\oneconnectapplist.targetsize-48.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\6584_48x48x32.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\acroapp\enu\redact_r_rhp.aapp svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\meta-inf\eclipse_.rsa svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_neutral_split.scale-140_8wekyb3d8bbwe\assets\office\embosstext.scale-140.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-black\weather_logosmall.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\autumn\mask\11d.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_x64__8wekyb3d8bbwe\assets\contrast-white\oneconnectmedtile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_x64__8wekyb3d8bbwe\buildinfo.xml svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\car\rtl\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\aicuc\images\rhp_world_icon_2x.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\work\rtl\contrast-black\widetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\1251_40x40x32.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\files\dev\nls\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\common files\system\ado\msado27.tlb svchost.exe File created C:\program files\windowsapps\microsoft.zunemusic_2019.16112.11621.0_neutral_~_8wekyb3d8bbwe\appxmetadata\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowspowershell\modules\pester\3.4.0\functions\testdrive.tests.ps1 svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\rhp_icons_2x.png svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\th-th\tipresx.dll.mui svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\catalog\shape_cone.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorapplist.contrast-black_targetsize-40.png svchost.exe File created C:\program files\common files\microsoft shared\ink\fsdefinitions\keypad\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\assets\getstartedapplist.targetsize-20_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\7989_48x48x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\lumia.viewerplugin\assets\iconeditrichcapture.contrast-high_scale-200.png svchost.exe File opened for modification C:\program files\videolan\vlc\skins\default.vlt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\embossbitmaps\lightning bolt.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weather_tilemediumsquare.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenotenotebooklargetile.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenotesectionsmalltile.scale-125.png svchost.exe File created C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\assets\insiderhubapplist.targetsize-64_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\contrast-black\applist.targetsize-32_altform-unplated_contrast-black.png svchost.exe File opened for modification C:\program files\windowspowershell\modules\pester\3.4.0\functions\assertions\set-testinconclusive.ps1 svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\resource\saslprep\saslprepprofile_norm_bidi.spp svchost.exe File created C:\program files\videolan\vlc\locale\da\lc_messages\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_x64__8wekyb3d8bbwe\assets\oneconnectapplist.targetsize-48.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\car\rtl\contrast-black\largetile.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\s_cancel_18.svg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.starclub\assets\starclubtile.wide.jpg svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\exportpdfupsell-app\js\nls\en-ae\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\js\nls\sv-se\ui-strings.js svchost.exe File opened for modification C:\program files\videolan\vlc\lua\playlist\soundcloud.luac svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsfeedbackhub_1.1612.10312.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\insiderhubsmalltile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenotesectiongroupwidetile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\apptiles\splashscreen.scale-100.png svchost.exe File opened for modification C:\program files\windowspowershell\modules\pester\3.4.0\en-us\about_beforeeach_aftereach.help.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\digsig\js\nls\da-dk\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\exportpdfupsell-app\js\nls\fr-fr\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\resource\font\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\meta-inf\manifest.mf svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\catalog\shape_cube.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\1850_40x40x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\7336_24x24x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\home\ltr\largetile.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\s_filter-focus_32.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\activity-badge\js\nls\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\editpdf\js\nls\eu-es\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\no_get.svg svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\profiler\update_tracking\org-netbeans-lib-profiler-ui.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weathericons\30x30\187.png svchost.exe File opened for modification C:\program files (x86)\mozilla maintenance service\updater.ini svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weathericons\30x30\23.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\icons\terms_of_use.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\cc_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\workflow\navcolumn_black\icon_materials.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\videon.winmd svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxa-google.scale-125.png svchost.exe File created C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_neutral_split.scale-100_8wekyb3d8bbwe\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\createpdfupsell-app\css\main-selector.css svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.nl_zh_4.4.0.v20140623020002.jar svchost.exe File created C:\program files\windowsapps\microsoft.net.native.runtime.1.4_1.4.24201.0_x64__8wekyb3d8bbwe\microsoft.system.package.metadata\autogen\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\in_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\bw_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\images\layerscontrol\aerial.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\pr_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorapplist.contrast-black_targetsize-256.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\combinepdf\js\nls\sv-se\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\10909_40x40x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\eg_16x11.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\digsig\js\nls\ru-ru\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\timerwidetile.contrast-white_scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\8794_48x48x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\voicerecorderapplist.contrast-white_targetsize-24.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\gi_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxcalendarsmalltile.scale-400.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\progress-indeterminate.gif svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\desktop-connector-files\js\nls\root\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\localized_images\fr-fr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\js\nls\ru-ru\ui-strings.js svchost.exe File opened for modification C:\program files\videolan\vlc\locale\et\lc_messages\vlc.mo svchost.exe File created C:\program files\windowsapps\microsoft.net.native.framework.1.3_1.3.24201.0_x86__8wekyb3d8bbwe\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\appxmanifest.xml svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\js\nls\en-il\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\7-zip\lang\af.txt svchost.exe File created C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.rcp_4.4.0.v20141007-2301\meta-inf\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_neutral_split.scale-180_8wekyb3d8bbwe\assets\office\group.scale-180.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weatherimages\210x173\29.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftofficehub_17.8010.5926.0_x64__8wekyb3d8bbwe\officeimm.odf svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\alarmssmalltile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\catalog\traintracksplit.3mf svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\mainpagestate2\statistics_bp_920.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\5313_48x48x32.png svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\car\ltr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\core\dev\nls\uk-ua\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\edit-pdf.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\localized_images\ru-ru\appstore_icon.svg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_x64__8wekyb3d8bbwe\appxsignature.p7x svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxa-advanced-light.scale-300.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\js\nls\sl-si\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\search-summary\js\nls\ca-es\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\internet explorer\en-us\ieinstal.exe.mui svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-api-search_zh_cn.jar svchost.exe File opened for modification C:\program files\videolan\vlc\lua\http\vlm_export.html svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowscamera_2017.125.40.0_neutral_split.scale-200_8wekyb3d8bbwe\appxblockmap.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\howtoplay\tripeaks\goal_2.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\linkedinboxwidetile.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\sendforcomments.svg svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.net.nl_zh_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-openide-awt_zh_cn.jar svchost.exe File created C:\program files\videolan\vlc\locale\it\lc_messages\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\car\rtl\contrast-black\medtile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\6528_48x48x32.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\app-center\js\nls\root\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\icons\time-span-16.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_neutral_split.scale-140_8wekyb3d8bbwe\assets\office\selectall.scale-140.png svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themepreview\themes\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\7-zip\lang\eu.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.emf.common_2.10.1.v20140901-1043\meta-inf\eclipse_.rsa svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\assets\windowsicons\storelogo.contrast-black_scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\img\faf_icons.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\ob-preview\js\nls\ja-jp\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\windowspowershell\modules\pester\3.4.0\bin\pester.bat svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\images\ratings\yelp3.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-white\storeapplist.targetsize-16.png svchost.exe File opened for modification C:\program files\windowspowershell\modules\pester\3.4.0\pester.psd1 svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\walk-through\js\nls\ja-jp\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\tmp_tournament_trophy_blue.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorapplist.targetsize-96_altform-fullcolor.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatormedtile.contrast-black_scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\car\rtl\widetile.scale-100.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer-select\js\nls\ja-jp\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.core.expressions_3.4.600.v20140128-0851.jar svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\dailychallenges\icons\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\insiderhubsplashsquaretile.scale-100_contrast-black.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\index.html svchost.exe File created C:\program files (x86)\microsoft.net\redistlist\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\contrast-white\apppackageapplist.targetsize-20_altform-unplated_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\sharpdxengine\rendering\shaders\builtin\hlsl\texturedinstanced.fx svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\exchangewidetile.scale-100.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\plug_ins\annotations\stamps\enu\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\tracker\trash.gif svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\core\dev\nls\sv-se\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\db\lib\derbylocale_zh_cn.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.xaml.toolkit\assets\buttons\menu\menu_black-over.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxmailmediumtile.scale-125.png svchost.exe File opened for modification C:\program files (x86)\windowspowershell\modules\pester\3.4.0\functions\assertions\should.tests.ps1 svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\js\nls\ja-jp\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.2.24002.0_neutral_~_8wekyb3d8bbwe\appxmetadata\appxbundlemanifest.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxmailapplist.targetsize-80_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxcalendarapplist.targetsize-72_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\insiderhubapplist.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_neutral_resources.scale-150_8wekyb3d8bbwe\assets\logo.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_neutral_split.scale-180_8wekyb3d8bbwe\assets\office\planecut.scale-180.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\traffichub\contrast-black\widetile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxspeechtotextoverlay_1.14.2002.0_x64__8wekyb3d8bbwe\assets\gamesxboxhubsplashscreen.scale-200.png svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\hwrlatinlm.dat svchost.exe File created C:\program files\windowsapps\microsoft.microsoftstickynotes_1.4.101.0_x64__8wekyb3d8bbwe\appxmetadata\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\images\stickers\thumbnails\sticker_icon_pipe_bend.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\coreengine\data\oildaubheight2.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\appxblockmap.xml svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\images\email\themes\dark\adobe_logo.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\place\rtl\contrast-white\widetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\genericmailwidetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\collections\contrast-white\smalltile.scale-100_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\home\contrast-white\widetile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\assets\gamesxboxhubapplist.targetsize-16_altform-unplated_contrast-high.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\activity-badge\js\nls\de-de\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\bg3.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\traffichub\contrast-black\medtile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\embossbitmaps\4-point star_icon.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxmailapplist.scale-125.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\it_get.svg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\catalog\trophystar.3mf svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.awards\assets\sign_in_size.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\alarmsapplist.targetsize-72.png svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\car\ltr\contrast-black\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxgameoverlay_1.15.2003.0_x64__8wekyb3d8bbwe\appxmetadata\codeintegrity.cat svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\activity-badge\js\nls\ru-ru\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\combinepdf\js\nls\ca-es\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\js\nls\ro-ro\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\org-openide-compat.jar svchost.exe File created C:\program files\videolan\vlc\plugins\gui\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weatherimages\210x173\12.jpg svchost.exe File created C:\program files\windowsapps\microsoft.microsoftofficehub_17.8010.5926.0_x64__8wekyb3d8bbwe\images\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenotenotebookwidetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\voicerecordersplashscreen.contrast-white_scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\snooze.scale-64.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-black\splashscreen.scale-200.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.nl_zh_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\dailychallenges\lobbytiles\pyramid_bp_809.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\voices\en-gb\en-gb_female_tts\ruleset_en-gb_tts.lua svchost.exe File opened for modification C:\program files\7-zip\lang\nn.txt svchost.exe File created C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.equinox.p2.core.feature_1.3.0.v20140523-0116\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowsapps\deletedalluserpackages\microsoft.xboxapp_25.25.13009.0_neutral_split.scale-200_8wekyb3d8bbwe\assets\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\jumbo\jumbo_12h.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\bing.immersive\shaders\simplecubeshader-downlevel.vs svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\genericmaillargetile.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxmailapplist.targetsize-48_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\snooze.scale-64.png svchost.exe File opened for modification C:\program files (x86)\windowspowershell\modules\microsoft.powershell.operation.validation\1.0.1\microsoft.powershell.operation.validation.psd1 svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-jvmstat_ja.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.dailychallenges\assets\perfect\crown.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_x64__8wekyb3d8bbwe\assets\peopleapplist.targetsize-32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\tc_16x11.png svchost.exe File created C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_x64__8wekyb3d8bbwe\tee\en-us.messaging.config svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorapplist.contrast-black_targetsize-20.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\place\contrast-white\smalltile.scale-200.png svchost.exe File opened for modification C:\program files\windowspowershell\modules\pester\3.4.0\functions\describe.tests.ps1 svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\variant.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\acroapp\enu\inappsign.aapp svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\core\dev\nls\hr-hr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\assets\photosapplist.contrast-white_targetsize-24.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\exchangelargetile.scale-200.png svchost.exe File created C:\program files\windowspowershell\modules\microsoft.powershell.operation.validation\1.0.1\test\modules\example3.diagnostics\2.0.1\diagnostics\simple\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\acroapp\enu\trackedsend.aapp svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\ipsen.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\texturebitmaps\canvas.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\apppackageapplist.targetsize-72.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\beach\beach_cardback.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\5313_32x32x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\office365logowlockup.scale-100.png svchost.exe File created C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowssoundrecorder_10.1702.301.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\voicerecorderlargetile.contrast-black_scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\contrast-black\applist.targetsize-16_contrast-black.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-recent-files\js\nls\en-il\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\send-for-sign\js\nls\sk-sk\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sign-services-auth\js\nls\ro-ro\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\catalog\bulldozer.3mf svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenotesmalltile.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\6100_32x32x32.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\legal\enu\eula.ini svchost.exe File created C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\icons\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\videolan\vlc\locale\ro\lc_messages\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\createpdfupsell-app\js\nls\it-it\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.metadata.nl_ja_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\profiler\modules\locale\org-netbeans-lib-profiler-ui_ja.jar svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\a12_spinner.gif svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.zunemusic_10.16112.11621.0_neutral_resources.scale-125_8wekyb3d8bbwe\resources.pri svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4_default_mac.css svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\files\dev\nls\tr-tr\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\search-summary\js\nls\da-dk\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\news\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\4642_20x20x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxcalendarapplist.targetsize-20_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxaccountssplashlogo.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\outlookmailmediumtile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\traffichub\contrast-white\medtile.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\viewer\nls\root\ui-strings.js svchost.exe File opened for modification C:\program files\java\jre1.8.0_66\lib\fontconfig.properties.src svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\work\rtl\contrast-black\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\videolan\vlc\locale\ru\lc_messages\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weatherimages\210x173\4.jpg svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\viewer\nls\pt-br\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\videolan\vlc\locale\lg\lc_messages\vlc.mo svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftofficehub_17.8010.5926.0_x64__8wekyb3d8bbwe\appxblockmap.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenotesectiongroupmedtile.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxmailbadge.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-black\storeapplist.targetsize-16.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\music_welcome_page2.jpg svchost.exe File created C:\program files (x86)\common files\system\en-us\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowspowershell\modules\pester\3.4.0\snippets\shouldnotmatch.snippets.ps1xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\contrast-white\apppackageapplist.targetsize-40_altform-unplated_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\voicerecorderapplist.contrast-black_targetsize-20.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\contrast-black\applist.targetsize-80_altform-unplated_contrast-black.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\tracker\ended_review_or_form.gif svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\pages-app\js\nls\fi-fi\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\signatures\js\nls\hu-hu\ui-strings.js svchost.exe File opened for modification C:\program files\java\jre1.8.0_66\bin\server\xusage.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\apppackageapplist.targetsize-16.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenotesplashlogo.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\home\rtl\contrast-white\widetile.scale-100.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.emf.ecore_2.10.1.v20140901-1043\feature.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\4642_40x40x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxmailwidetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\apptiles\contrast-black\mapsstorelogo.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\createpdfupsell-app\js\nls\pt-br\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.dailychallenges\assets\popups\perfectearned.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\gameplayassets\localization\localized_et-ee.respack svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\acrocef\locales\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.net.native.runtime.1.3_1.3.23901.0_x64__8wekyb3d8bbwe\logo.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenotesplashlogo.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\assets\windowsicons\windowscameraapplist.targetsize-80_altform-unplated_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxmailapplist.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\task-handler\js\nls\fi-fi\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\mainpagestate2\spider_bp_920.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\collections\smalltile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\place\ltr\contrast-black\widetile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\contrast-black\movie-tvstorelogo.scale-100_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.zunevideo_10.16112.11601.0_neutral_resources.scale-200_8wekyb3d8bbwe\assets\contrast-white\applist.scale-200_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weathericons\30x30\180.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\large\wait.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\md_60x42.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\apple-touch-icon-114x114-precomposed.png svchost.exe File opened for modification C:\program files\7-zip\lang\tr.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-host-remote_ja.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\catalog\shape_torus.3mf svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\office\resetcoord.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\fable\fable_12h.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\appxmanifest.xml svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sample-files\js\nls\pt-br\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.garbagecollector_1.0.200.v20131115-1210.jar svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\place\contrast-white\widetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\alarmssplashscreen.contrast-black_scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\createpdfupsell-app\js\nls\de-de\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\img\tools\themes\dark\text_2x.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\send-for-sign\js\nls\en-il\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sign-services-auth\css\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\epl-v10.html svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\awards\klondike\mining_for_gold_unearned_small.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\models\en-gb.phonenumber.ot svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sign-services-auth\js\nls\hu-hu\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\classic\classic_13s.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\uss-search\js\nls\zh-cn\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\walk-through\images\themes\dark\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\videolan\vlc\locale\ff\lc_messages\vlc.mo svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\paint_logo_with_trademark_about_popup.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\assets\windowsicons\windowscameraapplist.contrast-black_targetsize-24.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-black\mapsapplist.targetsize-80.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\js\nls\fr-ma\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\ipsptg.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\gameplayassets\localization\localized_sv-se.respack svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\assets\gamesxboxhubapplist.targetsize-64.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\apppackageapplist.targetsize-32.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\ob-preview\js\nls\ro-ro\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\common files\microsoft shared\ink\lv-lv\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\sharpdxengine\rendering\shaders\builtin\bin\texturedcolored_ps.fxo svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\images\stickers\sticker_marble.dxt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxcalendarapplist.targetsize-60_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\office\rotate.scale-100.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\home\js\nls\de-de\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windows defender\symsrv.yes svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\bf_16x11.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\reviews\js\nls\cs-cz\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\tiles\tripeaks.jpg svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\traffichub\contrast-black\medtile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\voicerecorderapplist.contrast-white_targetsize-20_altform-unplated.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\task-handler\js\nls\es-es\ui-strings.js svchost.exe File opened for modification C:\program files\msbuild\microsoft\windows workflow foundation\v3.5\workflow.visualbasic.targets svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\4627_48x48x32.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\s_illuemptystatedcfiles_280x192.svg svchost.exe File opened for modification C:\program files (x86)\windowspowershell\modules\microsoft.powershell.operation.validation\1.0.1\operationvalidationresources.psd1 svchost.exe File opened for modification C:\program files\videolan\vlc\lua\meta\art\02_frenchtv.luac svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\car\rtl\widetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\7205_32x32x32.png svchost.exe File created C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_neutral_split.scale-100_8wekyb3d8bbwe\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\assets\insiderhubapplist.scale-200_contrast-black.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\desktop-connector-files\js\nls\en-il\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\8041_24x24x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenotenotebooksmalltile.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenotesectiongrouplargetile.scale-125.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\core\dev\nls\hu-hu\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\unified-share\js\nls\it-it\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\common files\microsoft shared\msinfo\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\videolan\vlc\lua\http\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_neutral_split.scale-140_8wekyb3d8bbwe\assets\office\object.scale-140.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\embossbitmaps\rectangle.png svchost.exe File created C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\manifestassets\contrast-black\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\jumbo\jumbo_11s.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenotesmalltile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\ae_60x42.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\download.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\signatures\images\themes\dark\s_filter_18.svg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_x64__8wekyb3d8bbwe\assets\contrast-black\peoplemedtile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\large\kiss.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\s_sortedby_18.svg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\large\bike.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\assets\photosapplist.targetsize-96_altform-fullcolor.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorwidetile.contrast-black_scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\reviews\images\nub.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-api-progress_ja.jar svchost.exe File created C:\program files\windowsapps\microsoft.windowscalculator_2017.131.1904.0_neutral_~_8wekyb3d8bbwe\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\windowspowershell\modules\pester\3.4.0\functions\testdrive.ps1 svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\ipsfra.xml svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.concurrent_1.1.0.v20130327-1442.jar svchost.exe File created C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\home\ltr\contrast-black\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\gn_60x42.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\s_comment_18.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\img\tools\line.cur svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoft3dviewer_1.1702.21039.0_x64__8wekyb3d8bbwe\appxmanifest.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\images\stickers\sticker_concrete.dxt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenotesectionmedtile.scale-150.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-jvm_ja.jar svchost.exe File created C:\program files\videolan\vlc\plugins\stream_extractor\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_x64__8wekyb3d8bbwe\assets\contrast-white\peopleapplist.targetsize-64.png svchost.exe File created C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\lumia.viewerplugin\jpegsurface\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\timebackground.winmd svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\bg3_thumb.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\apple-touch-icon-144x144-precomposed.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sample-files\js\nls\ru-ru\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\windowspowershell\modules\pester\3.4.0\functions\assertions\belike.tests.ps1 svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer\images\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-coredump_ja.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\spacer\2px.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\ob-preview\images\themeless\standards_poster.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\jre\lib\deploy\messages_de.properties svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxmailmediumtile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\collections\smalltile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\home\smalltile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\contrast-white\iheart-radio.scale-100_contrast-white.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\combinepdf\js\nls\en-ae\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\jre\lib\ext\zipfs.jar svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.net.nl_ja_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowscamera_2017.125.40.0_neutral_split.scale-200_8wekyb3d8bbwe\assets\windowsicons\windowscameralargetile.contrast-white_scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\office\planecutmove.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\4774_24x24x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxa-outlook.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\models\mail.config svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\assets\apptiles\storemedtile.scale-200.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\img\tools\@1x\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\ob-preview\images\themeless\javascript_poster.jpg svchost.exe File created C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\embossbitmaps\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\paintstudio.viewelements.winmd svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\car\ltr\contrast-black\largetile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoft3dviewer_1.1702.21039.0_x64__8wekyb3d8bbwe\appxmetadata\codeintegrity.cat svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\howtoplay\tripeaks\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themecreation\effects\effects_lobby_fireworks.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\cu_16x11.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\reviews\images\themes\dark\sat_logo_2x.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\send-for-sign\js\nls\ro-ro\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenotesectiongroupwidetile.scale-150.png svchost.exe File opened for modification C:\program files\windows nt\tabletextservice\tabletextserviceyi.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\_resources\2.rsrc svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\assets\photossmalltile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\2875_48x48x32.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\add-account\js\nls\cs-cz\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\desktop-connector-files\js\selector.js svchost.exe File created C:\program files\videolan\vlc\lua\http\images\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\assets\windowsicons\windowscameraapplist.targetsize-16.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-recent-files\js\nls\ca-es\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\google\chrome\application\81.0.4044.129\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\contrast-black\apppackageapplist.scale-200_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\complete.contrast-white.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sample-files\js\nls\cs-cz\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\workflow\navcolumn_black\icon_printer settings.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\insiderhubapplist.scale-100_contrast-white.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer\js\nls\he-il\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowssoundrecorder_10.1702.301.0_neutral_split.scale-200_8wekyb3d8bbwe\assets\voicerecorderlargetile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\applist.targetsize-256_altform-unplated.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.jface.databinding.nl_ja_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\videolan\vlc\locale\hi\lc_messages\vlc.mo svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\326_24x24x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\appxblockmap.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\genericmailwidetile.scale-150.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\exportpdfupsell-app\js\nls\fi-fi\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\send-for-sign\images\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-modules-print_zh_cn.jar svchost.exe File opened for modification C:\program files\videolan\vlc\news.txt svchost.exe File created C:\program files\windowsapps\deletedalluserpackages\microsoft.zunevideo_10.16112.11601.0_neutral_resources.scale-125_8wekyb3d8bbwe\assets\contrast-white\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxmailsmalltile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\assets\apptiles\storeapplist.targetsize-48_altform-unplated.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer\js\nls\pt-br\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\include\jawt.h svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\meta-inf\eclipse_.rsa svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\logos\square310x310\paintlargetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\apptiles\mapsapplist.targetsize-64_altform-unplated.png svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\car\rtl\contrast-white\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sign-services-auth\js\nls\nl-nl\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\common files\adobe\reader\dc\linguistics\providers\plugins2\adobehunspellplugin\dummy.dic svchost.exe File opened for modification C:\program files (x86)\windowspowershell\modules\microsoft.powershell.operation.validation\1.0.1\test\modules\example1.diagnostics\diagnostics\simple\example1.diagnostics.tests.ps1 svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.zunevideo_10.16112.11601.0_neutral_resources.scale-200_8wekyb3d8bbwe\assets\contrast-black\largelogo.scale-200_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\howtoplay\freecell\control_1.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxa-outlook.scale-250.png svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\home\rtl\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-black\storebadgelogo.scale-200.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sample-files\js\nls\da-dk\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\manifestassets\contrast-black\square44x44logo.targetsize-24.png svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themedownload\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\mobile\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorapplist.contrast-white_targetsize-30.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\dismiss.scale-80.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\download_on_the_app_store_badge_sv_135x40.svg svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\winxpblue.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\timermedtile.contrast-white_scale-125.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\s_illuemptyfolder_160.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-recent-files\js\nls\hr-hr\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\common files\adobe\reader\dc\linguistics\languagenames2\displaylanguagenames.en_us.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.text_3.5.300.v20130515-1451.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weathericons\30x30\16.png svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\gameplayassets\freecell\respacks\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_neutral_split.scale-140_8wekyb3d8bbwe\assets\office\stickyselection.scale-140.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\plug_ins\acroform\pmp\adobepdf417.pmp svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\home\images\icons.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\unified-share\images\close2x.png svchost.exe File opened for modification C:\program files (x86)\google\chrome\application\81.0.4044.129\meipreload\preloaded_data.pb svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\editpdf\js\nls\es-es\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoft3dviewer_1.1702.21039.0_x64__8wekyb3d8bbwe\assets\viewer\viewenv.hdr svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\awards\challenge\gimme_five_.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\outlookmailsmalltile.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxa-googlecloudcache-dark.scale-180.png svchost.exe File opened for modification C:\program files\windowspowershell\modules\pester\3.4.0\functions\assertions\beoftype.tests.ps1 svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sample-files\js\nls\nl-nl\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\javax.servlet.jsp_2.2.0.v201112011158.jar svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowssoundrecorder_10.1702.301.0_neutral_split.scale-200_8wekyb3d8bbwe\appxmanifest.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_neutral_split.scale-180_8wekyb3d8bbwe\assets\office\selectall.scale-180.png svchost.exe File created C:\program files\windowsapps\deletedalluserpackages\microsoft.zunemusic_10.16112.11621.0_neutral_resources.scale-200_8wekyb3d8bbwe\assets\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\autumn\mask\13d.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenotesmalltile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\exchangemediumtile.scale-150.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\addressbook2x.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\editpdf.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\es-419_get.svg svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\org-netbeans-modules-favorites.jar svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\org-netbeans-modules-options-keymap.jar svchost.exe File opened for modification C:\program files\java\jre1.8.0_66\lib\security\us_export_policy.jar svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsfeedbackhub_1.1612.10312.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\insiderhubstorelogo.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\tournament\playbutton.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\videos\help\smartselect.mp4 svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\resources\fonts\stormdl2c.ttf svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\win-scrollbar\themes\dark\arrow-left.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\js\nls\de-de\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\images\stickers\sticker_cateye.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\osf\ellipsis_16x16x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\6365_20x20x32.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\walk-through\js\nls\da-dk\ui-strings.js svchost.exe File created C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\home\contrast-black\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\howtoplay\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowsapps\microsoft.people_10.1.10531.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\contrast-black\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\toolkit\images\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\home\contrast-black\largetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\pf_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\apptiles\mapsapplist.targetsize-24.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\voices\en-gb\en-gb_female_tts\platform_format.lua svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\_resources\6.rsrc svchost.exe File opened for modification C:\program files (x86)\windowspowershell\modules\packagemanagement\1.0.0.1\packagemanagement.format.ps1xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_neutral_split.scale-180_8wekyb3d8bbwe\assets\office\move.scale-180.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\small\highfive.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-black\mapslargetile.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\exportpdfupsell-app\js\nls\ja-jp\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\resources.pri svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenotenotebooksmalltile.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxcalendarbadge.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\assets\insiderhubapplist.targetsize-32_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\assets\gamesxboxhubmedtile.scale-100_contrast-white.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\add-account\images\themes\dark\icons.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\assets\photosapplist.targetsize-80_altform-unplated_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\6584_24x24x32.png svchost.exe File created C:\program files\windowspowershell\modules\microsoft.powershell.operation.validation\1.0.1\diagnostics\comprehensive\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\createpdfupsell-app\js\nls\ro-ro\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\ob-preview\js\nls\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\notification_plugin.jar svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowscamera_2017.125.40.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\windowsicons\windowscamerasmalltile.contrast-black_scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\4694_32x32x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\collections\largetile.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\send-for-sign\images\cloud_secured.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\send-for-sign\js\nls\zh-tw\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\internet explorer\en-us\iexplore.exe.mui svchost.exe File opened for modification C:\program files\videolan\vlc\locale\pt_br\lc_messages\vlc.mo svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windows.photos_16.511.8780.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\photosmedtile.contrast-black_scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_x64__8wekyb3d8bbwe\assets\badgelogo1.targetsize-24.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer-select\js\nls\sv-se\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sample-files\js\nls\hu-hu\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-jvmstat.xml svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\app-center\js\nls\ja-jp\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sample-files\js\nls\zh-tw\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\acroapp\enu\edit_r_full.aapp svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\next-arrow-disabled.svg svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\jre\lib\jfr\default.jfc svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\jre\lib\logging.properties svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\catalog\shape_cylinder.3mf svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\nu_16x11.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\add-account\js\nls\en-gb\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\contrast-white\apppackageapplist.targetsize-20_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\gameplayassets\localization\localized_he-il.respack svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_neutral_split.scale-125_8wekyb3d8bbwe\resources.pri svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\lt_60x42.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\jre\lib\cmm\pycc.pf svchost.exe File created C:\program files\windowsapps\deletedalluserpackages\microsoft.windowssoundrecorder_10.1702.301.0_neutral_split.scale-125_8wekyb3d8bbwe\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\assets\photosapplist.targetsize-64_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\assets\trace.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\contrast-white\applist.targetsize-36_altform-unplated_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenotesectionmedtile.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.storepurchaseapp_1.0.45.0_x64__8wekyb3d8bbwe\assets\square150x150logo.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\images\themeless\inline-error-2x.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\embossbitmaps\moon.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\tiles\shadow.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenoteapplist.targetsize-16.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.zunevideo_10.16112.11601.0_neutral_resources.scale-200_8wekyb3d8bbwe\assets\contrast-white\largelogo.scale-200_contrast-white.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\localized_images\sv-se\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4_default_gtk.css svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-attach.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_neutral_split.scale-140_8wekyb3d8bbwe\assets\office\rotate.scale-140.png svchost.exe File created C:\program files\windowsapps\microsoft.net.native.framework.1.3_1.3.24201.0_x64__8wekyb3d8bbwe\microsoft.system.package.metadata\autogen\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\digsig\js\nls\sk-sk\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\feature.properties svchost.exe File created C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\mozilla firefox\browser\blocklist.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\_resources\9.rsrc svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_x64__8wekyb3d8bbwe\assets\oneconnectapplist.targetsize-32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\genericmailmediumtile.scale-150.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\desktop-connector-files\js\nls\es-es\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.simpleconfigurator.manipulator.nl_ja_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weathericons\30x30\193.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftstickynotes_1.4.101.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\preview.scale-100_layoutdir-rtl.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\assets\windowsicons\windowscameraapplist.targetsize-36.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\genericmailwidetile.scale-125.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\download_on_the_app_store_badge_cs_135x40.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\[email protected] svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\reviews\images\sat_logo_2x.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowscamera_2017.125.40.0_neutral_split.scale-200_8wekyb3d8bbwe\assets\windowsicons\windowscamerasmalltile.contrast-white_scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\gameplayassets\guicommon.respack svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themecreation\hide_icon.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\small\hug.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.rcp.intro.zh_cn_5.5.0.165303.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\assets\photoslogoextensions.targetsize-24.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer\js\nls\root\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\large\no.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\voicerecorderapplist.contrast-white_targetsize-80_altform-unplated.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\add-account\js\nls\nb-no\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\search-summary\js\nls\nb-no\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.xaml.toolkit\assets\hud\titlegrid.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-black\storeapplist.targetsize-36.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\desktop-connector-files\js\nls\it-it\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.browser.jdp.ja_5.5.0.165303.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-black\weather_splashscreen.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\gm_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\voicerecorderapplist.contrast-white_targetsize-72_altform-unplated.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.operations_2.4.0.v20131119-0908.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\howtoplay\freecell\tips_1.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\large\sheep.png svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\speech\en-gb\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\files\dev\nls\es-es\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\digsig\js\nls\it-it\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-openide-awt.xml svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\profiler\modules\org-netbeans-lib-profiler-common.jar svchost.exe File created C:\program files\videolan\vlc\locale\mn\lc_messages\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\videolan\vlc\lua\http\dialogs\equalizer_window.html svchost.exe File opened for modification C:\program files\windows defender\en-us\offlinescannershell.exe.mui svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\fileicons\filelogoextensions.targetsize-16.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\starclub\challenge_freecell.jpg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\download_on_the_app_store_badge_ru_135x40.svg svchost.exe File created C:\program files (x86)\common files\adobe\reader\dc\linguistics\providers\plugins2\adobehunspellplugin\supplementaldictionaries\en_gb\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenotesectionsmalltile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\car\ltr\largetile.scale-100.png svchost.exe File opened for modification C:\program files (x86)\windows media player\en-us\wmplayer.exe.mui svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\timersmalltile.contrast-white_scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\thirdpartynotices_arkadium.txt svchost.exe File created C:\program files\windowsapps\microsoft.net.native.framework.1.3_1.3.24201.0_x64__8wekyb3d8bbwe\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\common files\microsoft shared\office16\office setup controller\pkeyconfig-office.xrm-ms svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\fues\texture_bg.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\styling\css\phonedark.css svchost.exe File opened for modification C:\program files\java\jre1.8.0_66\lib\fonts\lucidasansregular.ttf svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\office\simplify.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\alarmssmalltile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\livetiles\searchwide.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\car\rtl\contrast-black\largetile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\un_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\3569_40x40x32.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\combinepdf\js\nls\es-es\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.garbagecollector.nl_ja_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\java\jre1.8.0_66\lib\jfr\default.jfc svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\peoplelargetile.scale-100.png svchost.exe File created C:\program files\windowsapps\microsoft.people_10.1.10531.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\alarmsapplist.contrast-black_targetsize-60.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\editpdf\images\rhp_world_icon_hover.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-heapwalker_zh_cn.jar svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.xboxapp_25.25.13009.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\gamesxboxhubapplist.scale-125_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_neutral_split.scale-100_kzf8qxf38zg5c\skypeapp\assets\skypetile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\assets\photosapplist.targetsize-96_altform-colorize.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\worldclockwidetile.contrast-black_scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\appxblockmap.xml svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\resource\font\courierstd.otf svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\resources.pri svchost.exe File opened for modification C:\program files\windowspowershell\modules\pester\3.4.0\functions\assertions\belessthan.tests.ps1 svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\app-center\js\nls\zh-cn\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\search-summary\js\nls\pl-pl\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sign-services-auth\js\nls\de-de\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\include\win32\jni_md.h svchost.exe File opened for modification C:\program files\mozilla firefox\browser\features\[email protected] svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\_resources\index.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\assets\photosapplist.targetsize-20.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\aicuc\js\plugins\selection-action-plugins\cpdf\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\profiler\lib\locale\jfluid-server_zh_cn.jar svchost.exe File opened for modification C:\program files\windows defender\en-us\msmpresl.dll.mui svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weathericons\30x30\153.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\xaml\onenote\searchui.xaml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\bn_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\assets\windowsicons\windowscameraapplist.targetsize-48_altform-unplated_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\facebookprofilepicturecontrol.xbf svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\s_sortedby_selected_18.svg svchost.exe File opened for modification C:\program files\common files\system\ole db\oledbvbs.inc svchost.exe File created C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_neutral_split.scale-150_8wekyb3d8bbwe\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\large\surprised.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\core\dev\nls\fi-fi\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\xboxflow\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenotesectiongroupwidetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_x64__8wekyb3d8bbwe\assets\contrast-white\oneconnectstorelogo.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\aw_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\contrast-black\apppackagewidetile.scale-125_contrast-black.png svchost.exe File created C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\appcs\assets\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\1850_24x24x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\exchangewidetile.scale-200.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-files\js\nls\hr-hr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\task-handler\js\nls\fr-fr\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowssoundrecorder_10.1702.301.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\voicerecorderlargetile.contrast-white_scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\apptiles\mapsapplist.targetsize-256_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxspeechtotextoverlay_1.14.2002.0_x64__8wekyb3d8bbwe\microsoft.system.package.metadata\resources.5efe4060.pri svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\editpdf\js\nls\zh-tw\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\windowspowershell\modules\packagemanagement\1.0.0.1\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenotenotebooksmalltile.scale-200.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\add-account\js\nls\ko-kr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\js\nls\hr-hr\ui-strings.js svchost.exe File created C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\msbuild\microsoft\windows workflow foundation\v3.5\workflow.targets svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\herohelp\scenario3rtl.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\oneconnectmedtile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\car\rtl\largetile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\microsoft.system.package.metadata\resources.2bb76f1c.pri svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer\js\nls\cs-cz\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\7-zip\readme.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\awards\challenge\marathon_.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\genericmailwidetile.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\work\smalltile.scale-100.png svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\ipscsy.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\buttons\undo\undo-press.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\reviews\images\bun.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\assets\getstartedapplist.targetsize-30_altform-unplated_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.wallet_1.0.16328.0_x64__8wekyb3d8bbwe\microsoft.wallet.background.winmd svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorapplist.targetsize-32_altform-unplated_contrast-white.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\js\nls\nl-nl\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-recent-files\js\nls\tr-tr\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\coreengine\data\brushprofile\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowsapps\microsoft.people_10.1.10531.0_x64__8wekyb3d8bbwe\strings\en-us\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\assets\text\legaldisclaimer.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\10191_32x32x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\home\rtl\largetile.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\tracker\pdf.gif svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\assets\getstartedapplist.targetsize-72_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenotesectionmedtile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxa-yahoo-dark.scale-125.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\tracker\review_email.gif svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\uss-search\js\nls\ko-kr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\core\locale\org-openide-filesystems_zh_cn.jar svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.zunevideo_10.16112.11601.0_neutral_resources.scale-125_8wekyb3d8bbwe\assets\largelogo.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\manifestassets\square44x44logo.targetsize-16.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxcalendarapplist.targetsize-60.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\assets\gamesxboxhubmedtile.scale-100_contrast-high.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\img\themes\dark\faf_icons_retina.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\tournament\redrectangle.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-black\mapsapplist.targetsize-16_altform-unplated.png svchost.exe File created C:\program files\windowspowershell\modules\psreadline\1.2\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\org-netbeans-modules-editor-mimelookup-impl.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_neutral_split.scale-100_8wekyb3d8bbwe\resources.pri svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-white\mapsapplist.targetsize-96.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-openide-loaders.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\howtoplay\dailychallenges\tile5_diamond.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_2017.203.236.0_neutral_~_8wekyb3d8bbwe\appxsignature.p7x svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\ipsel.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\attribution\holiday_weather.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\awards\klondike\blizzard-of_bliss_unearned_small.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\6478_24x24x32.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification.ja_5.5.0.165303.jar svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.directorywatcher.nl_zh_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\car\rtl\smalltile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_x64__8wekyb3d8bbwe\assets\starttile.dualsim1.surprise.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_neutral_~_8wekyb3d8bbwe\appxsignature.p7x svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\images\stickers\sticker_spiral.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\976_48x48x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\large\heidy.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-white\mapsmedtile.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\walk-through\images\checkmark-2x.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\outlookmailmediumtile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\winstore\resources\assets\rt_icons_splat_42.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\reviews\js\nls\de-de\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\search-summary\js\nls\hu-hu\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\send-for-sign\js\nls\he-il\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\home\ltr\widetile.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\localized_images\sv-se\playstore_icon.svg svchost.exe File created C:\program files\windowsapps\microsoft.vclibs.140.00_14.0.24123.0_x64__8wekyb3d8bbwe\microsoft.system.package.metadata\autogen\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\contrast-black\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\editpdf\js\nls\en-ae\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\embossbitmaps\moon_icon.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.awards\assets\3_awards_years_base.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxspeechtotextoverlay_1.14.2002.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\gamesxboxhubmedtile.scale-100.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.intro.nl_ja_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.xboxapp_25.25.13009.0_neutral_split.scale-200_8wekyb3d8bbwe\resources.pri svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\assets\getstartedapplist.targetsize-48_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\gameend\endgame_blue_up.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\small\phone.png svchost.exe File opened for modification C:\program files\windowspowershell\modules\pester\3.4.0\functions\assertions\belike.tests.ps1 svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\generic-rhp-app\images\example_icons2x.png svchost.exe File opened for modification C:\program files\windows media player\en-us\wmpnssui.dll.mui svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\8498_32x32x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\snooze.scale-80.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\en_get.svg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenotenotebooklargetile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\buttons\giveup\giveup-up.mobile.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\app\dev\nls\eu-es\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\digsig\js\nls\ko-kr\ui-strings.js svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\en-us\boxed-join.avi svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxmailsmalltile.scale-400.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\close.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.help.base.nl_zh_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\java\jre1.8.0_66\lib\ext\cldrdata.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\4632_32x32x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\as_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\assets\gamesxboxhubapplist.targetsize-30_altform-unplated.png svchost.exe File opened for modification C:\program files\windowspowershell\modules\pester\3.4.0\examples\calculator\add-numbers.ps1 svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\folderorganizationcalloutimage.gif svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxcalendarapplist.targetsize-36.png svchost.exe File opened for modification C:\program files (x86)\windowspowershell\modules\pester\3.4.0\functions\breakandcontinue.tests.ps1 svchost.exe File opened for modification C:\program files\windows media player\en-us\wmpmediasharing.dll.mui svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\car\ltr\contrast-white\largetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\mv_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxmaillargetile.scale-200.png svchost.exe File opened for modification C:\program files\7-zip\lang\sk.txt svchost.exe File opened for modification C:\program files\java\jre1.8.0_66\lib\security\cacerts svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\splashscreen\microsoftstudioslogo.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenotepagewidetile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenotesectionlargetile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\work\contrast-white\smalltile.scale-200.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\editpdf\js\nls\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.console.nl_ja_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\videolan\vlc\lua\http\dialogs\create_stream.html svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\contrast-black\apppackageapplist.targetsize-96_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_x64__8wekyb3d8bbwe\_resources\0.rsrc svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxmailmediumtile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxa-google.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\contrast-white\smalllogo.scale-100_contrast-white.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\walk-through\images\cross.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\large\mail.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\mobilescancard_light.pdf svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\viewer\nls\ja-jp\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-openide-loaders_zh_cn.jar svchost.exe File opened for modification C:\program files\videolan\vlc\lua\http\requests\vlm.xml svchost.exe File opened for modification C:\program files\videolan\vlc\new_skins.url svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weathericons\30x30\161.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\images\stickers\sticker_dognose.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\exchangesmalltile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\7205_40x40x32.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\ob-preview\js\nls\hr-hr\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\unified-share\js\nls\en-gb\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\howtoplay\tripeaks\goal_3.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themepreview\cardbacks\cardback3.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\1849_40x40x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\small\star.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\apptiles\mapslargetile.scale-100.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.help.nl_ja_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_x64__8wekyb3d8bbwe\assets\contrast-white\peoplesplashscreen.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\combinepdf\images\themes\dark\rhp_world_icon_hover_2x.png svchost.exe File created C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\meta-inf\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\appxmanifest.xml svchost.exe File created C:\program files\windowsapps\microsoft.microsoft3dviewer_1.1702.21039.0_x64__8wekyb3d8bbwe\assets\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\tournament\samplecompetitor1.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_x64__8wekyb3d8bbwe\nativeproxies.winmd svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\assets\insiderhubapplist.targetsize-64_altform-unplated_contrast-black.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\close.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\microsoft.advertising\bootstrap.js svchost.exe File created C:\program files\windowsapps\microsoft.desktopappinstaller_1.1.25002.0_neutral_~_8wekyb3d8bbwe\appxmetadata\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\appxblockmap.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\embossbitmaps\arrow.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\7316_20x20x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftstickynotes_1.4.101.0_x64__8wekyb3d8bbwe\assets\preview.scale-200_layoutdir-rtl.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\outlookmailwidetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\linkedinboxwidetile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\appxsignature.p7x svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\home\rtl\contrast-white\smalltile.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\css\tool-selector.css svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\js\nls\fr-fr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench3.nl_zh_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxcalendarapplist.targetsize-30.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\createpdfupsell-app\js\nls\sl-si\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\js\nls\de-de\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.e4.core.di.extensions_0.12.0.v20140417-2033.jar svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.e4.ui.widgets.nl_zh_4.4.0.v20140623020002.jar svchost.exe File created C:\program files\videolan\vlc\locale\zu\lc_messages\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\assets\getstartedmedtile.scale-100_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\2876_20x20x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\bv_16x11.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\file_types\organize.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\combinepdf\images\themes\dark\example_icons.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\walk-through\js\nls\fr-fr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\walk-through\images\themeless\close.svg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\dailychallenges\popup\daycompletedpopupimage.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\gameplayassets\spider\respacks\gameplayspider.respack svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\logos\storelogo\paintapplist.scale-400.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\license.html svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\combinepdf\images\rhp_world_icon_hover_2x.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\viewer\nls\sv-se\ui-strings.js svchost.exe File created C:\program files (x86)\windowspowershell\modules\pester\3.4.0\bin\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\ko-kr\tipresx.dll.mui svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\car\rtl\contrast-black\widetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenotesectionlargetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\home\ltr\contrast-black\largetile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\assets\heroapptile.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\manifestassets\contrast-black\square71x71logo.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\ro_16x11.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\js\nls\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_neutral_split.scale-200_8wekyb3d8bbwe\assets\getstartedsplash.scale-200_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorstorelogo.contrast-black_scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\core\dev\nls\en-gb\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\reviews\js\nls\pt-br\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.greychart.ui.zh_cn_5.5.0.165303.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\popup\pop_up_error.png svchost.exe File created C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\coreengine\data\3dbrush\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\6478_48x48x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\office.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxcalendarsplashlogo.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\assets\apptiles\splashscreen.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\lk_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\assets\gamesxboxhubapplist.targetsize-72_altform-unplated_contrast-high.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\send-for-sign\js\nls\en-gb\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\task-handler\js\nls\it-it\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.core.filesystem_1.4.100.v20140514-1614.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\6924_40x40x32.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\ob-preview\js\nls\tr-tr\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\gameend\gameend_preview_image.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\ua_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.starclub\assets\fue_3_1.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\small\malthe.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\high-contrast.css svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\icons\dc_icon.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.dailychallenges\assets\prizehistory\awards_gold.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\tournament\gamemodepyramid.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\reviews\js\nls\en-ae\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-sa.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\howtoplay\klondike\goal_5.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\large\lipssealed.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-white\mapsapplist.targetsize-64.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\s_listview.svg svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-netbeans-modules-keyring-fallback.xml svchost.exe File created C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_neutral_~_8wekyb3d8bbwe\appxmetadata\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.1.25002.0_neutral_~_8wekyb3d8bbwe\appxsignature.p7x svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_neutral_split.scale-150_8wekyb3d8bbwe\assets\starttile.dualsim1.surprise.small.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\se_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxmailsmalltile.scale-400.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\js\nls\ru-ru\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\assets\photosapplist.targetsize-30_altform-colorize.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\assets\gamesxboxhubapplist.targetsize-24_altform-unplated_contrast-high.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\js\nls\pt-br\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\windowspowershell\modules\pester\3.4.0\en-us\about_beforeeach_aftereach.help.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.extensionlocation.nl_ja_4.4.0.v20140623020002.jar svchost.exe File created C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\contrast-white\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\animations\onenotefre_saveautomatically_ltr_phone.mp4 svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\img\core_icons.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\js\nls\en-gb\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_x64__8wekyb3d8bbwe\assets\contrast-white\oneconnectapplist.targetsize-60.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-files\js\nls\ro-ro\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ui.nl_ja_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\assets\windowsicons\windowscameraapplist.targetsize-40_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\assets\idpvalueassets\pcmobilevalueprop.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weatherimages\423x173\28.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\kp_60x42.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\js\nls\zh-tw\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\uss-search\js\nls\en-il\ui-strings.js svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\place\rtl\contrast-black\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\windowspowershell\modules\pester\3.4.0\functions\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\common files\microsoft shared\stationery\stars.htm svchost.exe File created C:\program files\java\jdk1.8.0_66\jre\bin\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_neutral_split.scale-180_8wekyb3d8bbwe\assets\office\projectionplanar.scale-180.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\outlookmailbadge.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\digsig\js\selector.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\compare.png svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\aquarium\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\s_sendforsignature_18.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sign-services-auth\js\nls\it-it\ui-strings.js svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\en-us\delete.avi svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\dailychallenges\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\outlookmailbadge.scale-150.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\activity-badge\js\nls\sv-se\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sample-files\js\plugin.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.dailychallenges\assets\silver_badge_earned.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\exchangewidetile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\applist.targetsize-16_altform-unplated.png svchost.exe File opened for modification C:\program files (x86)\google\chrome\application\81.0.4044.129\locales\sr.pak svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\pm_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_neutral_resources.scale-150_8wekyb3d8bbwe\assets\contrast-black\widelogo.scale-150_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_neutral_resources.scale-150_8wekyb3d8bbwe\assets\contrast-white\splashscreen.scale-150_contrast-white.png svchost.exe File opened for modification C:\program files\7-zip\lang\ms.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\images\stickers\sticker_sun.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenotesplashlogo.scale-300.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\voicerecordersplashscreen.scale-100.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\html\cpyr.htm svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\assets\getstartedapplist.targetsize-256_altform-unplated_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.starclub\assets\crown.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\contrast-black\oneconnectsplashscreen.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\contrast-white\oneconnectlargetile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\mn_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\io_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorapplist.targetsize-96_altform-unplated_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_2017.131.1904.0_neutral_~_8wekyb3d8bbwe\appxblockmap.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\home\contrast-black\smalltile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxa-advanced-dark.scale-400.png svchost.exe File opened for modification C:\program files\windowspowershell\modules\pester\3.4.0\functions\assertions\belikeexactly.tests.ps1 svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\combinepdf\js\nls\root\ui-strings.js svchost.exe File created C:\program files\videolan\vlc\plugins\lua\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\kr_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\appxmanifest.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorapplist.contrast-black_targetsize-60.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\car\ltr\medtile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.zunemusic_10.16112.11621.0_neutral_resources.scale-125_8wekyb3d8bbwe\appxsignature.p7x svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\configuration\configuration.sqlite svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\assets\windowsicons\windowscameralargetile.scale-100.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\org-openide-nodes.jar svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.skypeapp_11.8.204.0_neutral_split.scale-125_kzf8qxf38zg5c\skypeapp\assets\skypemedtile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\6536_32x32x32.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\reviews\images\themes\dark\cstm_brand_preview.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.simpleconfigurator.nl_zh_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\profiler\update_tracking\org-netbeans-modules-profiler-oql.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.dailychallenges\assets\popups\fue2_image_4.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.xaml.toolkit\assets\buttons\menu\menu_black-up.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\plug_ins3d\drvdx9.x3d svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\digsig\js\nls\en-ae\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.xboxapp_25.25.13009.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\gamesxboxhubsplashscreen.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_neutral_split.scale-100_kzf8qxf38zg5c\skypeapp\assets\skypelargetile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxaccountsstorelogo.scale-100.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\misc\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\catalog\pencilbox.3mf svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-white\weather_tilewide.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_neutral_split.scale-180_8wekyb3d8bbwe\appxsignature.p7x svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.news\assets\news_icon-press.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\howtoplay\klondike\goal_1.jpg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\s_replace_signer_18.svg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\collections\contrast-black\medtile.scale-200_contrast-black.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\js\nls\sk-sk\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\profiler\modules\locale\org-netbeans-lib-profiler_ja.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_x64__8wekyb3d8bbwe\tee\en-gb.postaladdress.ot svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\small\sweating.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-recent-files\js\plugin.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\localized_images\zh-tw\playstore_icon.svg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\assets\getstartedapplist.targetsize-64.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\1937_36x36x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\rs_16x11.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\add-account\js\nls\pl-pl\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-recent-files\js\nls\sk-sk\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_x64__8wekyb3d8bbwe\assets\peopleapplist.targetsize-24.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_neutral_split.scale-100_kzf8qxf38zg5c\skypeapp\assets\skypemedtile.scale-100_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\small\flower.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\4694_24x24x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxmailsmalltile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\exchangewidetile.scale-400.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\file_types\cloud_icon.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\s_download_pdf_18.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-recent-files\js\nls\zh-tw\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\send-for-sign\js\nls\nl-nl\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\images\printandshare\glyph_0xecd0.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\plug_ins\saveasrtf.api svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\generic-rhp-app\images\themes\dark\rhp_world_icon_hover.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\images\themes\dark\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\assets\windowsicons\windowscamerawidetile.contrast-black_scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\s_fillandsign_18.svg svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\js\nls\sv-se\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\jre\lib\security\blacklisted.certs svchost.exe File opened for modification C:\program files\java\jre1.8.0_66\lib\cmm\linear_rgb.pf svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\communityinterop.winmd svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_x64__8wekyb3d8bbwe\assets\contrast-black\oneconnectapplist.targetsize-36.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\desktop-connector-files\js\nls\da-dk\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenoteapplist.targetsize-32_altform-unplated.png svchost.exe File created C:\program files\windowsapps\microsoft.zunemusic_2019.16112.11621.0_neutral_~_8wekyb3d8bbwe\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\com.jrockit.mc.feature.core_5.5.0.165303\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\contrast-black\apppackageapplist.targetsize-36_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenoteapplist.targetsize-32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\ms_60x42.png svchost.exe File opened for modification C:\program files\java\jre1.8.0_66\lib\security\javaws.policy svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\kb-locked.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\desktop-connector-files\js\nls\ru-ru\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\common files\microsoft shared\stationery\garden.htm svchost.exe File opened for modification C:\program files\stepmeasure.mpg svchost.exe File opened for modification C:\program files\videolan\vlc\lua\http\dialogs\error_window.html svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxaccountsstorelogo.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\s_illudcfilesempty_180x180.svg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\catalog\chess.3mf svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\exchangesmalltile.scale-200.png svchost.exe File opened for modification C:\program files (x86)\google\chrome\application\81.0.4044.129\locales\sk.pak svchost.exe File created C:\program files\windows mail\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\small\bow.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\fr_get.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\uss-search\css\main.css svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\howtoplay\freecell\goal_2.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\1251_48x48x32.png svchost.exe File opened for modification C:\program files\common files\microsoft shared\vsto\vstoee100.tlb svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\6701_32x32x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\offsymsb.ttf svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.engine_2.3.0.v20140506-1720.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\alarmsapplist.contrast-black_targetsize-256_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\assets\insiderhubapplist.targetsize-16_altform-unplated_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\assets\achievementunlocked.mp3 svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\js\nls\en-ae\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\epl-v10.html svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\linkedinboxbadge.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\contrast-white\applist.targetsize-48_altform-unplated_contrast-white.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-files\js\nls\uk-ua\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_x64__8wekyb3d8bbwe\assets\oneconnectstorelogo.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\ru_60x42.png svchost.exe File opened for modification C:\program files\setenter.aifc svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxcalendarlargetile.scale-150.png svchost.exe File opened for modification C:\program files\videolan\vlc\lua\http\images\video-48.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_neutral_split.scale-140_8wekyb3d8bbwe\assets\office\smooth.scale-140.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\outlookmailsmalltile.scale-125.png svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\da-dk\tipresx.dll.mui svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowssoundrecorder_10.1702.301.0_neutral_split.scale-200_8wekyb3d8bbwe\assets\voicerecordermedtile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftofficehub_17.8010.5926.0_x64__8wekyb3d8bbwe\offihub_base_priinfo.pri.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\images\stickers\thumbnails\sticker_icon_gravel.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenoteapplist.targetsize-72_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxa-outlook.scale-200.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\add-account\js\nls\hu-hu\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-profiling_zh_cn.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\contrast-black\apppackageapplist.targetsize-96_altform-unplated_contrast-black.png svchost.exe File opened for modification C:\program files\7-zip\lang\hu.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.core.nl_zh_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\org-netbeans-modules-keyring.jar svchost.exe File opened for modification C:\program files\videolan\vlc\lua\http\js\controllers.js svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowscamera_2017.125.40.0_neutral_split.scale-200_8wekyb3d8bbwe\assets\windowsicons\windowscameramedtile.contrast-black_scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxcalendarsmalltile.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sample-files\js\nls\sk-sk\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.zunevideo_10.16112.11601.0_neutral_resources.scale-125_8wekyb3d8bbwe\assets\contrast-white\logo.scale-125_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\awards\freecell\guard_duty_.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\icons\retry_icon.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\calculatorstorelogo.contrast-white_scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\back-arrow-disabled.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-recent-files\js\nls\tr-tr\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\jawt.lib svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weatherimages\210x173\34.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_neutral_split.scale-100_kzf8qxf38zg5c\skypeapp\assets\skype_titlebar_logo.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxidentityprovider_11.19.19003.0_x64__8wekyb3d8bbwe\xboxidp.native.winmd svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\core\dev\nls\tr-tr\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-host-views.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_neutral_split.scale-100_8wekyb3d8bbwe\appxsignature.p7x svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.apache.felix.gogo.runtime_0.10.0.v201209301036.jar svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.jetty.server_8.1.14.v20131031.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\autumn\mask\12h.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorapplist.contrast-white_scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\bg5_thumb.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\images\printandshare\glyph_0xe7e3.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\ob-preview\js\nls\root\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\windowspowershell\modules\microsoft.powershell.operation.validation\1.0.1\diagnostics\simple\simple.tests.ps1 svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsstore_11701.1001.87.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\apptiles\splashscreen.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftofficehub_17.8010.5926.0_x64__8wekyb3d8bbwe\images\officehublogo_310x310.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\peoplesplashscreen.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\bg6_thumb.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-white\storelargetile.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\combinepdf\js\plugins\rhp\combinepdf-selector.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\jre\lib\cmm\gray.pf svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_x64__8wekyb3d8bbwe\assets\starttile.dualsim2.wink.small.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.dailychallenges\assets\calendar\ribbonicon.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\js\nls\hu-hu\ui-strings.js svchost.exe File created C:\program files\windowsapps\microsoft.microsoftstickynotes_1.4.101.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\meta-inf\eclipse_.rsa svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.xaml.toolkit\assets\hud\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\1250_24x24x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_neutral_split.scale-125_8wekyb3d8bbwe\appxsignature.p7x svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\voices\en-gb\en-gb_female_tts\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\s_download_pdf_18.svg svchost.exe File created C:\program files\windowsapps\deletedalluserpackages\microsoft.zunevideo_10.16112.11601.0_neutral_resources.scale-125_8wekyb3d8bbwe\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\org-openide-io.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxa-googlecloudcache-dark.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\win8-scrollbar\arrow-right-pressed.gif svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\add-account\js\nls\hr-hr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\walk-through\js\nls\fi-fi\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themecreation\reset.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\large\skype.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\desktop-connector-files\js\nls\it-it\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\herohelp\scenario2.png svchost.exe File created C:\program files\windowspowershell\modules\microsoft.powershell.operation.validation\1.0.1\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\home\js\nls\sv-se\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.workbench.nl_ja_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\videolan\vlc\lua\http\dialogs\offset_window.html svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxa-generic-dark.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\6528_20x20x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenotesectionlargetile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenotenotebooklargetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenotesectiongroupwidetile.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\je_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\home\ltr\contrast-black\smalltile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\voicerecorderapplist.targetsize-256_altform-unplated.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-openide-text.xml svchost.exe File created C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-100_8wekyb3d8bbwe\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorapplist.contrast-black_targetsize-80.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\exchangelargetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-black\mapsapplist.targetsize-72_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\storeratingpromotion.winmd svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\contrast-white\applist.targetsize-32_contrast-white.png svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\sv-se\tipresx.dll.mui svchost.exe File created C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsfeedbackhub_1.1612.10312.0_neutral_split.scale-125_8wekyb3d8bbwe\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\work\medtile.scale-125.png svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\buttons\giveup\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\autumn\mask\1h.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\za_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\models\en-us.postaladdress.model svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\images\themes\dark\cstm_brand_preview.png svchost.exe File opened for modification C:\program files (x86)\common files\system\ado\msado21.tlb svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\osf\office.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer-select\js\nls\nl-nl\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer-select\js\nls\sl-si\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themecreation\save.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\applist.targetsize-72_altform-unplated.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\win8-scrollbar\themes\dark\arrow-right.gif svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\6449_72x72x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_neutral_split.scale-100_8wekyb3d8bbwe\lumia.viewerplugin\assets\iconeditmoment.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\appxmanifest.xml svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\signatures\js\nls\fi-fi\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\images\themes\dark\new_icons.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\car\ltr\contrast-white\widetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenotesectiongroupsmalltile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\images\radialcontrol\tiltup_e809_normal_white_64x64.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\epl-v10.html svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\lib\smtp.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\howtoplay\klondike\goal_3.jpg svchost.exe File created C:\program files\windowsapps\microsoft.people_10.1.10531.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\contrast-white\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\models\appuri.model svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer\js\nls\cs-cz\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sample-files\js\nls\ro-ro\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sign-services-auth\js\nls\sl-si\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\feature.properties svchost.exe File opened for modification C:\program files\videolan\vlc\locale\ru\lc_messages\vlc.mo svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\mu_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\photoswidetile.contrast-white_scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\assets\icons\jit_rich_capture.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\task-handler\css\main-selector.css svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\2653_32x32x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\assets\windowsicons\windowscameraapplist.targetsize-96_altform-unplated_contrast-white.png svchost.exe File opened for modification C:\program files\7-zip\lang\fi.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\4583_20x20x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\home\ltr\contrast-black\smalltile.scale-200.png svchost.exe File created C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\winsdkfb\images\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\fileextension.targetsize-48.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\acroapp\enu\certificates_r.aapp svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\aicuc\js\nls\nb-no\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\vi_get.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\core\dev\nls\it-it\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\generic-rhp-app\images\rhp_world_icon_hover.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\models\es-es.phonenumber.model svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\home\contrast-black\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\pages-app\js\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.updatechecker.nl_ja_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\java\jre1.8.0_66\lib\deploy\messages_de.properties svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.xboxapp_25.25.13009.0_neutral_split.scale-200_8wekyb3d8bbwe\assets\gamesxboxhubmedtile.scale-200_contrast-high.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\western\western_10h.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\homebanner_dark.pdf svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\calculatorlargetile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\contrast-white\applist.targetsize-30_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\fi_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\il_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxmailapplist.targetsize-96_altform-unplated.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\js\nls\tr-tr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\core\locale\core_zh_cn.jar svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-snaptracer_ja.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\10911_20x20x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxa-exchange.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\genericmailwidetile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\fileextension.targetsize-64.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sample-files\js\nls\de-de\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\contrast-white\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_neutral_split.scale-100_8wekyb3d8bbwe\appxblockmap.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.news\assets\news_icon-up.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenotepagelargetile.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\zm_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\work\contrast-white\widetile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\resources\retaildemo\data\en-us\1.jpg svchost.exe File created C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\assets\navigationicons\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\createpdfupsell-app\js\nls\nb-no\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxgameoverlay_1.15.2003.0_x64__8wekyb3d8bbwe\resources.pri svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\duplicate.svg svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\unified-share\js\nls\ru-ru\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\work\rtl\medtile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenoteapplist.targetsize-20_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-black\mapsapplist.targetsize-48_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\place\medtile.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\signatures\images\themes\dark\bun.png svchost.exe File opened for modification C:\program files\7-zip\lang\en.ttt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\car\ltr\medtile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_neutral_split.scale-140_8wekyb3d8bbwe\assets\office\group.scale-140.png svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\appxmetadata\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\icons\premium_icon.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\images\stickers\sticker_nose.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxmailapplist.targetsize-40_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_neutral_split.scale-180_8wekyb3d8bbwe\assets\office\projectionspheric.scale-180.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\catalog\shuttle.3mf svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenotesmalltile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\assets\photosapplist.contrast-white_targetsize-80.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\music_offline_demo_page3.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenotenotebooklargetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxa-yahoo-light.scale-300.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\app\dev\nls\en-gb\ui-strings.js svchost.exe File created C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\work\ltr\contrast-white\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\work\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\videolan\vlc\locale\cs\lc_messages\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\car\rtl\contrast-black\widetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\contrast-black\apppackagesmalltile.scale-200_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftofficehub_17.8010.5926.0_x64__8wekyb3d8bbwe\xmloffkeys\keys_offver12.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\6416_24x24x32.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sign-services-auth\js\nls\sv-se\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\resource\typesupport\unicode\mappings\adobe\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\db\bin\networkservercontrol svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\contrast-black\apppackagesmalltile.scale-125_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.awards\assets\awards_corner_gray.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.net.native.runtime.1.4_1.4.24201.0_x86__8wekyb3d8bbwe\appxmetadata\codeintegrity.cat svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\calculatorstorelogo.scale-100.png svchost.exe File opened for modification C:\program files\7-zip\lang\zh-tw.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\ee_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\outlookmaillargetile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\livetiles\microsoftsolitairesmalltile.scale-100.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxa-exchange.scale-250.png svchost.exe File created C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_neutral_split.scale-200_8wekyb3d8bbwe\assets\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\oneconnectsplashscreen.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\lumia.viewerplugin\assets\iconeditmoment.contrast-white_scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\8080_20x20x32.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\css\main-cef-mac.css svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\fsdefinitions\main\ja-jp.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\small\talktothehand.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\work\contrast-white\smalltile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsfeedbackhub_1.1612.10312.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\insiderhubsplashsquaretile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_neutral_~_8wekyb3d8bbwe\appxsignature.p7x svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxcalendarapplist.targetsize-30_altform-unplated.png svchost.exe File created C:\program files\common files\microsoft shared\ink\es-es\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\videolan\vlc\locale\nl\lc_messages\vlc.mo svchost.exe File created C:\program files\windowsapps\deletedalluserpackages\microsoft.windowscalculator_10.1702.312.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_x64__8wekyb3d8bbwe\appxmanifest.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\work\ltr\largetile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\genericmailbadge.scale-125.png svchost.exe File created C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\com.jrockit.mc.feature.rcp.zh_cn_5.5.0.165303\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\core\dev\nls\ko-kr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\com.jrockit.mc.rjmx.descriptorprovider.exsd svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.help.nl_zh_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-application_ja.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\alarmsapplist.contrast-white_targetsize-96.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_neutral_split.scale-100_8wekyb3d8bbwe\appxmanifest.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_neutral_split.scale-150_8wekyb3d8bbwe\assets\apptiles\storelogo.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\4642_24x24x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenoteapplist.targetsize-36_altform-unplated.png svchost.exe File opened for modification C:\program files\windows photo viewer\en-us\photoacq.dll.mui svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\outlookmailbadge.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\assets\gamesxboxhubapplist.scale-100_contrast-white.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\ob-preview\js\nls\en-gb\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\profiler\modules\locale\org-netbeans-lib-profiler_zh_cn.jar svchost.exe File opened for modification C:\program files\videolan\vlc\lua\http\js\common.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\apppackagelargetile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themecreation\zoom_out.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenotesectionwidetile.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\apptiles\mapssplashscreen.scale-100.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\add-account\images\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\send-for-sign\css\main-selector.css svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.starclub\assets\collection_base.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\car\rtl\contrast-black\largetile.scale-100.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\javafx-src.zip svchost.exe File created C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_neutral_split.scale-100_kzf8qxf38zg5c\skypeapp\assets\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxmailapplist.targetsize-64_altform-unplated.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\selection-actions.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_x64__8wekyb3d8bbwe\tee\it-it.messaging.config svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxmaillargetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxcalendarapplist.targetsize-32.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ecf.filetransfer_5.0.0.v20140827-1444.jar svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.views.nl_ja_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-openide-nodes.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\buttons\tryagain\tryagain-over.mobile.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxmailsplashlogo.scale-300.png svchost.exe File created C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\winstore\resources\assets\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\reviews\js\plugin.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\images\themeless\playstore\da_get.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\js\nls\hr-hr\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\windowspowershell\modules\pester\3.4.0\functions\new-fixture.tests.ps1 svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsfeedbackhub_1.1612.10312.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\insiderhubwidetile.scale-125_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\contrast-black\apppackageapplist.targetsize-80_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\py_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_neutral_resources.scale-150_8wekyb3d8bbwe\assets\applist.scale-150.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\home\js\nls\en-gb\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-recent-files\js\selector.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\js\nls\da-dk\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.xboxapp_25.25.13009.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\gamesxboxhubbadgelogo.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\large\fingerscrossed.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\alarmsapplist.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxcalendarlargetile.scale-400.png svchost.exe File created C:\program files\common files\microsoft shared\ink\en-gb\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jre1.8.0_66\lib\deploy\[email protected] svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weathericons\30x30\11.png svchost.exe File opened for modification C:\program files\videolan\vlc\locale\hr\lc_messages\vlc.mo svchost.exe File created C:\program files\videolan\vlc\plugins\d3d9\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\linkedinboxsmalltile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\outlookmailmediumtile.scale-400.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\desktop-connector-files\css\main.css svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\4694_20x20x32.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\combinepdf\js\nls\de-de\ui-strings.js svchost.exe File created C:\program files (x86)\common files\adobe\reader\dc\linguistics\providers\plugins2\adobehunspellplugin\abbreviations\en_gb\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\assets\photosapplist.contrast-black_targetsize-40.png svchost.exe File created C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\lib\locale\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\videolan\vlc\locale\bn\lc_messages\vlc.mo svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\images\ratings\yelp2.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\car\ltr\widetile.scale-125.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\next-arrow-hover.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\img\tools\themes\dark\line.cur svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\apptiles\mapsmedtile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftofficehub_17.8010.5926.0_x64__8wekyb3d8bbwe\registry.dat svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\small\shake.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxcalendarapplist.targetsize-72.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\tool-search-2x.png svchost.exe File opened for modification C:\program files (x86)\google\chrome\application\81.0.4044.129\visualelements\logodev.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\1250_48x48x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\5311_24x24x32.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\app-center\images\themeless\mobile_fillsign_logo.svg svchost.exe File opened for modification C:\program files\videolan\vlc\locale\mk\lc_messages\vlc.mo svchost.exe File opened for modification C:\program files\windows media player\network sharing\wmpnss_color120.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxa-advanced-dark.scale-300.png svchost.exe File created C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\appxmetadata\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\files\dev\nls\ru-ru\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\org-openide-options.jar svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themecreation\effects\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\7734_20x20x32.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\desktop-connector-files-select\css\main-selector.css svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\car\rtl\contrast-white\medtile.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\desktop-connector-files\js\nls\fi-fi\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\audio\daily_challenge_coins hit progress bar.wav svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\visualvm\core\com-sun-tools-visualvm-modules-startup.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenotesectionlargetile.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\large\sunshine.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\genericmailwidetile.scale-100.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\pages-app\js\nls\fr-fr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.core.databinding.property.nl_ja_4.4.0.v20140623020002.jar svchost.exe File created C:\program files\videolan\vlc\hrtfs\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\photossmalltile.contrast-black_scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\reviews\images\themes\dark\s_listview_18.svg svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-modules-uihandler_ja.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themecreation\effects\effects_lobby_bubbles.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themecreation\effects\effects_lobby_none.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\beach\beach_13d.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenotenotebookmedtile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\xboxapp.resource\xbox.smartglass.loc.xml svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\add-account\js\nls\fr-fr\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\digsig\js\nls\ca-es\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\img\themes\dark\sample-thumb.png svchost.exe File opened for modification C:\program files (x86)\common files\microsoft shared\stationery\peacock.htm svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.w3c.dom.svg_1.1.0.v201011041433.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\car\rtl\medtile.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\plug_ins3d\prcr.x3d svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\ob-preview\js\nls\sl-si\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\common files\system\ado\msadomd28.tlb svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.greychart.ui_5.5.0.165303.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.dailychallenges\assets\badge-animation_2.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\signatures\js\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\walk-through\js\nls\root\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\google\chrome\application\81.0.4044.129\locales\el.pak svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\car\rtl\largetile.scale-125.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\version.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\gameplayassets\localization\localized_ja-jp.respack svchost.exe File created C:\program files\videolan\vlc\locale\et\lc_messages\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weatherimages\423x173\3.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\apppackagesplashscreen.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_2016.511.9510.0_neutral_~_8wekyb3d8bbwe\appxblockmap.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxa-generic-light.scale-300.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer\js\nls\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\improved-office-to-pdf-2x.png svchost.exe File created C:\program files\windowsapps\microsoft.advertising.xaml_10.0.1605.0_x64__8wekyb3d8bbwe\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\5664_24x24x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\assets\gamesxboxhubapplist.targetsize-96_contrast-high.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\app\dev\nls\ca-es\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\offsymxl.ttf svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxmailapplist.targetsize-96_altform-unplated.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\plug_ins3d\tesselate.x3d svchost.exe File opened for modification C:\program files (x86)\windowspowershell\modules\powershellget\1.0.0.1\powershellget.psd1 svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\about.html svchost.exe File opened for modification C:\program files\java\jre1.8.0_66\lib\security\java.policy svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\td_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\outlookiconfirstruncalendar.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\buttons\giveup\giveup-over.mobile.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\pagebackground.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themecreation\rotate.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\1938_24x24x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxmailapplist.targetsize-40_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxcalendarsplashlogo.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\place\ltr\contrast-white\largetile.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\task-handler\images\example_icons.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\jre\bin\javacpl.cpl svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\assets\getstartedapplist.targetsize-96.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_neutral_~_kzf8qxf38zg5c\appxmetadata\appxbundlemanifest.xml svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\exportpdfupsell-app\css\main-selector.css svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_zh_4.4.0.v20140623020002\eclipse_update_120.jpg svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\com.jrockit.mc.rjmx.service.exsd svchost.exe File created C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.win32.win32.x86_64_1.1.200.v20141007-2033\meta-inf\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-application_zh_cn.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\assets\insiderhubapplist.targetsize-80_altform-unplated_contrast-black.png svchost.exe File created C:\program files\windowspowershell\modules\pester\3.4.0\en-us\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\google\chrome\application\81.0.4044.129\locales\zh-tw.pak svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.flightrecorder.ui.zh_cn_5.5.0.165303.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\3838_20x20x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\assets\photosapplist.targetsize-72_altform-colorize.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\1250_40x40x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\6918_24x24x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\contrast-white\largelogo.scale-100_contrast-white.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\reviews\js\nls\en-ae\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.osgi.compatibility.state.nl_zh_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\java\jre1.8.0_66\lib\jvm.hprof.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\car\ltr\contrast-white\smalltile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_x64__8wekyb3d8bbwe\tee\es-es.phonenumber.sms.model svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_x64__8wekyb3d8bbwe\assets\oneconnectwidetile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\car\ltr\medtile.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\img\adobe_sign_tag.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\assets\windowsicons\windowscameraapplist.contrast-white_targetsize-96.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\send-for-sign\js\nls\hr-hr\ui-strings.js svchost.exe File opened for modification C:\program files\checkpointoptimize.docx svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.xboxapp_25.25.13009.0_neutral_split.scale-200_8wekyb3d8bbwe\assets\gamesxboxhubwidetile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weathericons\30x30\194.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\large\dog.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\signatures\images\share_icons.png svchost.exe File created C:\program files\videolan\vlc\locale\ach\lc_messages\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weatherimages\210x173\40.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenoteapplist.targetsize-80_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\linkedinboxlargetile.scale-150.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\reviews\js\nls\sk-sk\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\manifestassets\contrast-black\square44x44logo.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.dailychallenges\assets\prizehistory\badges_gold.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\is_16x11.png svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\home\rtl\contrast-white\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\place\rtl\largetile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\work\contrast-black\largetile.scale-200.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-host-remote.jar svchost.exe File opened for modification C:\program files\videolan\vlc\lua\http\css\ui-lightness\images\ui-icons_228ef1_256x240.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\assets\getstartedapplist.targetsize-96_altform-unplated_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\splashscreen\premium.jpg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\add-account\js\nls\root\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-files\images\themes\dark\bg_pattern_rhp.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.xaml.toolkit\assets\gameoverpopup_d.wav svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\awards\common\flipping_out_.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\s_backarrow_default.svg svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\org-netbeans-modules-queries.jar svchost.exe File created C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\car\rtl\contrast-white\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowsapps\microsoft.microsoftstickynotes_1.4.101.0_neutral_split.scale-125_8wekyb3d8bbwe\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-white\mapsapplist.targetsize-30_altform-unplated_contrast-white.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\activity-badge\js\nls\it-it\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftstickynotes_1.4.101.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\square44x44logo.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenotesectiongrouplargetile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorapplist.contrast-white_targetsize-24.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\search-summary\js\nls\nl-nl\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.2.24002.0_neutral_~_8wekyb3d8bbwe\appxsignature.p7x svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\beach\beach_1s.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\logos\square71x71\paintsmalltile.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\contrast-black\peoplemedtile.scale-125.png svchost.exe File created C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\lumia.viewerplugin\assets\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\send-for-sign\js\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\ir.idl svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\images\ratings\yelp3.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\catalog\shape_wedge.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\livetile\6px.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\assets\skypeapplist.targetsize-24_altform-unplated.png svchost.exe File created C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\en-us\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\4694_40x40x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxidentityprovider_11.19.19003.0_x64__8wekyb3d8bbwe\assets\logo40.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.skypeapp_11.8.204.0_neutral_split.scale-125_kzf8qxf38zg5c\skypeapp\assets\skypelargetile.scale-125_contrast-white.png svchost.exe File created C:\program files\windowsapps\microsoft.microsoftstickynotes_1.4.101.0_x64__8wekyb3d8bbwe\resources\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\8196_32x32x32.png svchost.exe File created C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\appxmetadata\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxmailsplashlogo.scale-250.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\gameend\endgame_blue_down.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\7205_24x24x32.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\meta-inf\eclipse_.rsa svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\content\mobile\en-gb\doc_offline_getconnected.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\awards\challenge\become_a_star_.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\dark\e4-dark_globalstyle.css svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\profiler\modules\org-netbeans-modules-profiler-api.jar svchost.exe File opened for modification C:\program files\videolan\vlc\lua\http\images\folder-48.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_x64__8wekyb3d8bbwe\assets\contrast-white\peoplesmalltile.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\js\nls\pl-pl\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowscamera_2017.125.40.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\windowsicons\windowscameralargetile.contrast-black_scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_neutral_split.scale-150_8wekyb3d8bbwe\assets\starttile.dualsim2.wink.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\large\talking.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\fm_60x42.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-files\js\nls\en-gb\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\pages-app\js\nls\fr-fr\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\google\chrome\application\81.0.4044.129\default_apps\external_extensions.json svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\zh-cn\tipresx.dll.mui svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\jre\lib\security\blacklist svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_zh_4.4.0.v20140623020002\license.html svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\car\rtl\widetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\helpicon_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\livetile\icons_icon_pop_sm.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themecreation\effects\effects_lobby_snow.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_neutral_split.scale-100_8wekyb3d8bbwe\appxsignature.p7x svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\appxmanifest.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\alarmsapplist.contrast-black_targetsize-16_altform-unplated.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\editpdf\images\rhp_world_icon_hover_2x.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\traffichub\contrast-black\largetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\apppackagestorelogo.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenoteapplist.targetsize-32_altform-unplated.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer\js\nls\hu-hu\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\ob-preview\js\nls\pt-br\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\contrast-black\apppackagestorelogo.scale-100_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenotesplashlogo.scale-100.png svchost.exe File opened for modification C:\program files (x86)\common files\adobe\reader\dc\linguistics\providers\plugins2\adobehunspellplugin\dictionaries\en_gb\license.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\buttons\tryagain\tryagain-press.mobile.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\send-for-sign\js\nls\ja-jp\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\car\ltr\medtile.scale-125.png svchost.exe File created C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\microsoft.msn.controls\endoflife\assets\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\howtoplay\klondike\goal_4.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\offsymsl.ttf svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\osf\businessbarclose_16x16x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\mr_60x42.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\app\dev\nls\ru-ru\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\uss-search\js\nls\ar-ae\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\alarmsapplist.contrast-white_targetsize-72_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\car\ltr\contrast-black\widetile.scale-100.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.equinox.p2.core.feature_1.3.0.v20140523-0116\epl-v10.html svchost.exe File opened for modification C:\program files\windowsapps\microsoft.net.native.runtime.1.4_1.4.24201.0_x64__8wekyb3d8bbwe\appxmanifest.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenotesplashlogo.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_neutral_split.scale-125_8wekyb3d8bbwe\appxsignature.p7x svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxmaillargetile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\txp_package.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\assets\gamesxboxhubapplist.targetsize-16_altform-unplated_contrast-white.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer-select\js\nls\ro-ro\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.zunemusic_10.16112.11621.0_neutral_resources.scale-200_8wekyb3d8bbwe\appxmanifest.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\images\stickers\thumbnails\sticker_icon_sunglasses.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\alarmsapplist.contrast-white_targetsize-48_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\images\printandshare\glyph_0xe81b.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\traffichub\largetile.scale-125.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\reviews\js\nls\uk-ua\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\internet explorer\en-us\hmmapi.dll.mui svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\microsoft.xbox.smartglass.controls\textentry.xaml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\applist.targetsize-256.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\aicuc\js\plugins\selection-action-plugins\epdf\selector.js svchost.exe File opened for modification C:\program files (x86)\common files\system\ado\adojavas.inc svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-host_ja.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\images\stickers\thumbnails\sticker_icon_rainbow.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\large\priidu.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\activity-badge\css\main-selector.css svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\toc.xml svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\unified-share\images\themes\dark\completecheckmark2x.png svchost.exe File opened for modification C:\program files (x86)\common files\microsoft shared\msinfo\en-us\msinfo32.exe.mui svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenotesectiongroupmedtile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\home\ltr\widetile.scale-100.png svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\hwrusalm.dat svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\assets\photosapplist.targetsize-80.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_neutral_resources.scale-150_8wekyb3d8bbwe\assets\contrast-white\largelogo.scale-150_contrast-white.png svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\sl-si\tipresx.dll.mui svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.skypeapp_11.8.204.0_neutral_split.scale-125_kzf8qxf38zg5c\skypeapp\assets\skypeapplist.scale-125_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowscamera_2017.125.40.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\windowsicons\windowscamerasmalltile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\_resources\5.rsrc svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\ar_16x11.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\combinepdf\js\nls\ro-ro\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\256x256.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\en-us\onenote_whatsnew.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\outlookmailsmalltile.scale-200.png svchost.exe File created C:\program files\windowspowershell\modules\pester\3.4.0\bin\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\da_get.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\localized_images\de-de\playstore_icon.svg svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\js\nls\hr-hr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\assets\getstartedapplist.targetsize-32_altform-unplated_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\contrast-black\oneconnectlargetile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_neutral_resources.scale-150_8wekyb3d8bbwe\assets\largelogo.scale-150.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\core_icons_retina.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-charts_ja.jar svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.zunevideo_10.16112.11601.0_neutral_resources.scale-200_8wekyb3d8bbwe\appxmanifest.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxmailapplist.targetsize-40.png svchost.exe File created C:\program files\videolan\vlc\plugins\video_splitter\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\car\ltr\contrast-black\smalltile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\large\blushing.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\fileextension.targetsize-48.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\activity-badge\js\nls\es-es\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\windows media player\en-us\wmpnssci.dll.mui svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenotenotebookmedtile.scale-150.png svchost.exe File created C:\program files\windowsapps\microsoft.wallet_1.0.16328.0_neutral_~_8wekyb3d8bbwe\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\microsoft.system.package.metadata\s-1-5-21-1231583446-2617009595-2137880041-1000-mergedresources-0.pri svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\livetiles\directionswide.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\localized_images\playstore_icon.svg svchost.exe File created C:\program files\windowsapps\microsoft.advertising.xaml_10.0.1605.0_x64__8wekyb3d8bbwe\microsoft.advertising\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_neutral_split.scale-200_8wekyb3d8bbwe\assets\getstartedsmalltile.scale-200_contrast-white.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\microsoft.vclibs.x86.14.00.appx svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\resource\typesupport\unicode\mappings\mac\turkish.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.net_1.2.200.v20120807-0927.jar svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\visualvm\modules\locale\org-netbeans-modules-profiler_visualvm.jar svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\worldclockmedtile.contrast-white_scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weatherimages\423x173\5.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weatherimages\423x173\75.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\images\stickers\sticker_sand.dxt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxa-advanced-light.scale-125.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-application-views_ja.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\contrast-white\apppackageapplist.scale-100_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\assets\getstartedapplist.targetsize-60_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxmailsplashlogo.scale-125.png svchost.exe File created C:\program files\videolan\vlc\locale\fy\lc_messages\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowsapps\microsoft.people_10.1.10531.0_x64__8wekyb3d8bbwe\assets\fonts\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\place\contrast-black\smalltile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_neutral_split.scale-200_8wekyb3d8bbwe\assets\getstartedmedtile.scale-200_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\lumia.viewerplugin\relivesurfaces\sequence\relivesequencecontrol.xaml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_x64__8wekyb3d8bbwe\assets\contrast-white\oneconnectapplist.targetsize-30.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\voicerecorderapplist.contrast-black_targetsize-64.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\ob-preview\js\nls\zh-tw\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\ext\locale\updater_zh_cn.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\gameplayassets\localization\localized_sl-sl.respack svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\swipeteachingcalloutarchiveimage.layoutdir-ltr.gif svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\assets\skypelargetile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\assets\windowsicons\storelogo.scale-100.png svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\home\rtl\contrast-black\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\s_filter_18.svg svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\exportpdfupsell-app\js\nls\ru-ru\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-files\js\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\common files\microsoft shared\ink\uk-ua\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\aquarium\aquarium_1s.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_neutral_split.scale-100_kzf8qxf38zg5c\skypeapp\assets\delete_12x12.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themecreation\none.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\5313_40x40x32.png svchost.exe File opened for modification C:\program files\windowspowershell\modules\pester\3.4.0\functions\setupteardown.ps1 svchost.exe File created C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\lib\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowsapps\microsoft.microsoftstickynotes_1.4.101.0_neutral_~_8wekyb3d8bbwe\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\alarmssplashscreen.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\assets\insiderhubapplist.targetsize-40.png svchost.exe File created C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\assets\livetiles\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\7-zip\license.txt svchost.exe File created C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\core\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenotepagesmalltile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\applist.targetsize-30.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\createpdfupsell-app\images\example_icons2x.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\ob-preview\images\themeless\action_poster.jpg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\search-summary\js\nls\sv-se\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windows.photos_16.511.8780.0_neutral_split.scale-125_8wekyb3d8bbwe\lumia.viewerplugin\assets\iconopenincinemagraph.contrast-white_scale-125.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\exportpdfupsell-app\images\rhp_world_icon_2x.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-files\js\nls\ca-es\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowssoundrecorder_10.1702.301.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\voicerecordersplashscreen.contrast-white_scale-125.png svchost.exe File opened for modification C:\program files\windows security\browsercore\manifest.json svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\contrast-white\apppackagelargetile.scale-100_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\10912_48x48x32.png svchost.exe File opened for modification C:\program files\windowspowershell\modules\pester\3.4.0\snippets\shouldnotexist.snippets.ps1xml svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sample-files\js\nls\nb-no\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\microsoft.msn.shell\themes\glyphs\font\weathercoloricons.ttf svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\alarmsapplist.targetsize-64.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\3490_20x20x32.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\digsig\js\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\zh-cn_get.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\js\nls\hr-hr\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowscamera_2017.125.40.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\windowsicons\windowscamerasplashscreen.contrast-black_scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\appxmanifest.xml svchost.exe File opened for modification C:\program files (x86)\google\chrome\application\81.0.4044.129\resources.pak svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftstickynotes_1.4.101.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\lockscreenlogo.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\catalog\shape_tetrahedron.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_x64__8wekyb3d8bbwe\assets\contrast-black\peopleapplist.targetsize-48.png svchost.exe File opened for modification C:\program files (x86)\windowspowershell\modules\pester\3.4.0\snippets\context.snippets.ps1xml svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\jre\lib\deploy\messages_ja.properties svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.zunemusic_10.16112.11621.0_neutral_resources.scale-125_8wekyb3d8bbwe\assets\contrast-white\musicstorelogo.scale-125_contrast-white.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ui.sdk_1.0.300.v20140407-1803.jar svchost.exe File created C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_neutral_split.scale-100_8wekyb3d8bbwe\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\outlookmailwidetile.scale-200.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer-select\js\nls\fr-ma\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxspeechtotextoverlay_1.14.2002.0_x64__8wekyb3d8bbwe\assets\gamesxboxhubapplist.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\applist.targetsize-32.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\js\nls\sl-si\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.touchpoint.eclipse_2.1.200.v20140512-1650.jar svchost.exe File opened for modification C:\program files\reference assemblies\microsoft\framework\v3.0\winfxlist.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\images\stickers\thumbnails\sticker_icon_planet.png svchost.exe File opened for modification C:\program files\java\jre1.8.0_66\lib\ext\sunpkcs11.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\manifestassets\contrast-white\square71x71logo.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\light burst.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\outlookaccount.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\activity-badge\js\nls\ar-ae\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\resource\typesupport\unicode\mappings\mac\iceland.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\jre\lib\fonts\lucidabrightdemiitalic.ttf svchost.exe File opened for modification C:\program files\java\jre1.8.0_66\lib\management-agent.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\logos\square310x310\paintlargetile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\assets\skypewidetile.scale-200_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\car\rtl\contrast-white\smalltile.scale-100.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-api-caching_zh_cn.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\_resources\index.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\assets\windowsicons\windowscameraapplist.targetsize-40_altform-unplated_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\7260_40x40x32.png svchost.exe File created C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\styling\css\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\s_filter-hover_32.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\digsig\js\nls\nb-no\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\autumn\autumn_12d.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\logos\storelogo\paintapplist.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\apptiles\contrast-white\mapsapplist.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxmaillargetile.scale-400.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\search-summary\js\nls\hu-hu\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\acroapp\enu\appcenter_r.aapp svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\acrocef\cef_extensions.pak svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\js\nls\ru-ru\ui-strings.js svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\fsdefinitions\main.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_neutral_split.scale-125_8wekyb3d8bbwe\appxmanifest.xml svchost.exe File created C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\animations\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\hr_60x42.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\fillandsign.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\compare-2x.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorapplist.contrast-black_targetsize-96.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\add-account\images\icons_ie8.gif svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\livetiles\microsoftsolitairemedtile.scale-125.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\holoassets\hololens_headtracking.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\uss-search\js\nls\es-es\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\videolan\vlc\locale\bn_in\lc_messages\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\audio\ui_collapsing.wav svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\th_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\7834_48x48x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\exchangemediumtile.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxa-outlook.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\assets\insiderhubapplist.targetsize-24_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contactphoto.scale-180.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\insiderhubmedtile.scale-100_contrast-black.png svchost.exe File opened for modification C:\program files\java\jre1.8.0_66\lib\images\cursors\win32_linknodrop32x32.gif svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\car\rtl\contrast-black\smalltile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\exchangelargetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\contrast-white\applist.targetsize-20_contrast-white.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\app-center\js\nls\fr-fr\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-modules-startup.xml svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\images\ratings\yelp4.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\livetiles\microsoftsolitaireapplist.targetsize-30_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenotesectiongroupsmalltile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxcalendarlogoextensions.scale-48.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\home\js\nls\root\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\common files\microsoft shared\clicktorun\c2rheartbeatconfig.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_x64__8wekyb3d8bbwe\assets\oneconnectapplist.targetsize-24.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\assets\images\handset_white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\applist.scale-100.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sign-services-auth\js\nls\zh-cn\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\google\chrome\application\81.0.4044.129\locales\cs.pak svchost.exe File opened for modification C:\program files (x86)\google\chrome\application\81.0.4044.129\locales\gu.pak svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\add-account\js\nls\root\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\digsig\css\main.css svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowscamera_2017.125.40.0_neutral_split.scale-125_8wekyb3d8bbwe\appxsignature.p7x svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\eml.scale-48.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\txp_flight.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxgameoverlay_1.15.2003.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\gamesxboxhubapplist.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenotesectionwidetile.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\small\music.png svchost.exe File created C:\program files\windowsapps\microsoft.vclibs.140.00_14.0.24123.0_x64__8wekyb3d8bbwe\appxmetadata\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\contrast-black\applist.targetsize-96_contrast-black.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\org-netbeans-modules-uihandler.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\logos\badgelogo\paintapplist.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\s_checkbox_unselected_18.svg svchost.exe File opened for modification C:\program files\windows nt\tabletextservice\tabletextservicearray.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\apppackagestorelogo.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorapplist.contrast-black_targetsize-36.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxcalendarapplist.scale-400.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\uss-search\js\nls\ro-ro\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\s_folder-hover_32.svg svchost.exe File opened for modification C:\program files\java\jre1.8.0_66\lib\fonts\lucidasansdemibold.ttf svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\contrast-black\apppackageapplist.targetsize-256_altform-unplated_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\assets\getstartedapplist.targetsize-24_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\kz_60x42.png svchost.exe File opened for modification C:\program files (x86)\common files\microsoft shared\stationery\handprints.jpg svchost.exe File opened for modification C:\program files (x86)\common files\system\ado\msado27.tlb svchost.exe File opened for modification C:\program files\7-zip\lang\uz.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\contrast-black\apppackageapplist.targetsize-32_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxa-generic-light.scale-250.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxcalendarwidetile.scale-125.png svchost.exe File created C:\program files\common files\microsoft shared\ink\fsdefinitions\osknumpad\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_neutral_split.scale-140_8wekyb3d8bbwe\assets\office\newscene.scale-140.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\appxmetadata\codeintegrity.cat svchost.exe File opened for modification C:\program files\7-zip\lang\ta.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\icons\console_view.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenotewidetile.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\car\rtl\largetile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\assets\gamesxboxhubapplist.targetsize-40.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\sign-in-2x.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\js\nls\hu-hu\ui-strings.js svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\fsdefinitions\main\base_rtl.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\small\whew.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\search-summary\js\nls\de-de\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\place\rtl\contrast-white\largetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\gamerpics.winmd svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\js\nls\nb-no\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\common files\microsoft shared\vgx\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\tiles\pyramid.jpg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\app\dev\nls\sv-se\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\feature.properties svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\collections\contrast-white\smalltile.scale-125_contrast-white.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\walk-through\js\nls\fr-fr\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weathericons\30x30\28.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\5666_32x32x32.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\files\dev\nls\fr-ma\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.alert_5.5.0.165303.jar svchost.exe File created C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\place\ltr\contrast-white\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\en-us\styles\wefgallerywinrt.css svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\contrast-white\applist.targetsize-24_contrast-white.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\file_types\s_filetype_xd.svg svchost.exe File opened for modification C:\program files (x86)\windowspowershell\modules\pester\3.4.0\snippets\shouldnotexist.snippets.ps1xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\microsoft.advertising\bootstrap.html svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\ci_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorapplist.targetsize-60_altform-colorize.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\search-summary\js\nls\ru-ru\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\assets\getstartedapplist.targetsize-36_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxcalendarsmalltile.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\office\planecutkeeptop.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\photosmedtile.contrast-black_scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\file_types\themes\dark\s_filetype_psd.svg svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.repository.nl_zh_4.4.0.v20140623020002.jar svchost.exe File created C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_x64__8wekyb3d8bbwe\assets\contrast-black\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\1725_20x20x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\work\ltr\contrast-white\largetile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\binglocalsearchservice.winmd svchost.exe File opened for modification C:\program files\windowspowershell\modules\pester\3.4.0\functions\assertions\match.ps1 svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-netbeans-modules-uihandler.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\beach\mask\1c.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\unified-share\images\themes\dark\s_close.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-black\mapssmalltile.scale-200.png svchost.exe File created C:\program files\common files\system\ole db\en-us\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.core.runtime_3.10.0.v20140318-2214.jar svchost.exe File opened for modification C:\program files (x86)\common files\microsoft shared\vsta\appinfodocument\addins.store svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\classic\mask\12c.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\assets\gamesxboxhubbadgelogo.scale-100_contrast-high.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\add-account\js\nls\es-es\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\app-center\js\nls\fr-ma\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\uss-search\js\nls\tr-tr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\videolan\vlc\lua\intf\telnet.luac svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\fileicons\filelogoextensions.targetsize-32.png svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\aquarium\mask\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\contrast-white\applist.targetsize-256_contrast-white.png svchost.exe File opened for modification C:\program files\windowspowershell\modules\pester\3.4.0\chocolateyinstall.ps1 svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\js\nls\fi-fi\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\pt_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\tl_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxa-yahoo-light.scale-250.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\outlookmailmediumtile.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxgameoverlay_1.15.2003.0_x64__8wekyb3d8bbwe\assets\gamesxboxhubmedtile.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\nl_get.svg svchost.exe File opened for modification C:\program files (x86)\windowspowershell\modules\pester\3.4.0\functions\assertions\exist.ps1 svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\autumn\autumn_12c.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenotesectiongrouplargetile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\nc_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\exchangesmalltile.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\collections\contrast-black\widetile.scale-100_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-white\mapsapplist.targetsize-40.png svchost.exe File opened for modification C:\program files\java\jre1.8.0_66\lib\jsse.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\images\stickers\sticker_pignose.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\bs_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\mo_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\smsintercept.winmd svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_2017.113.1250.0_neutral_~_8wekyb3d8bbwe\appxsignature.p7x svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-files\js\nls\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_x64__8wekyb3d8bbwe\assets\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_x64__8wekyb3d8bbwe\assets\peopleapplist.targetsize-256.png svchost.exe File created C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\lumia.viewerplugin\relivesurfaces\preview\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\assets\windowsicons\windowscameraapplist.targetsize-30_altform-unplated_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\assets\gamesxboxhubapplist.targetsize-60_altform-unplated_contrast-high.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\exportpdfupsell-app\js\nls\fr-ma\ui-strings.js svchost.exe File opened for modification C:\program files\videolan\vlc\locale\ja\lc_messages\vlc.mo svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_neutral_split.scale-150_8wekyb3d8bbwe\assets\starttile.smile.small.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenoteapplist.scale-150.png svchost.exe File created C:\program files (x86)\windowspowershell\modules\microsoft.powershell.operation.validation\1.0.1\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxa-advanced-dark.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\uss-search\js\nls\fr-ma\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.xaml.toolkit\assets\hud\numbergrid.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\large\star.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxa-googlecloudcache-light.scale-140.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\resources.pri svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_neutral_resources.scale-150_8wekyb3d8bbwe\assets\widelogo.scale-150.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\exportpdfupsell-app\js\nls\fi-fi\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\signatures\js\nls\sl-si\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\reference assemblies\microsoft\framework\v3.0\subsetlist\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\small\hi.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxcalendarmediumtile.scale-200.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\add-account\js\nls\sk-sk\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.xaml.toolkit\assets\buttons\menu\menu-up.png svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\gameplayassets\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\google\chrome\application\81.0.4044.129\widevinecdm\_platform_specific\win_x64\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\storelogo.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\assets\getstartedapplist.targetsize-48_altform-unplated_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\am_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\work\ltr\contrast-white\smalltile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-black\storeapplist.targetsize-24.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\applist.targetsize-20.png svchost.exe File created C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.emf.common_2.10.1.v20140901-1043\meta-inf\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\searchredo.m2t svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.starclub\assets\fue_1_1.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\howtoplay\freecell\tips_3.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\326_20x20x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxcalendarsmalltile.scale-200.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-openide-awt_ja.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-white\mapsapplist.targetsize-16.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\images\stickers\sticker_kiss.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\images\stickers\thumbnails\sticker_icon_ninjacat.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\cm_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_2019.16112.11601.0_neutral_~_8wekyb3d8bbwe\appxsignature.p7x svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.xboxapp_25.25.13009.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\gamesxboxhubstorelogo.scale-125_contrast-high.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\car\ltr\contrast-black\medtile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\assets\gamesxboxhubapplist.targetsize-24_altform-unplated.png svchost.exe File opened for modification C:\program files (x86)\common files\adobe\reader\dc\linguistics\providers\plugins2\adobehunspellplugin\supplementaldictionaries\en_gb\excluded.txt svchost.exe File created C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\car\rtl\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\timerwidetile.contrast-white_scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\images\ratings\yelp9.scale-200.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\desktop-connector-files-select\css\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftofficehub_17.8010.5926.0_x64__8wekyb3d8bbwe\office16\1033\getofficecarousel.dcp svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\contrast-white\applist.targetsize-96_contrast-white.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\unified-share\js\nls\ko-kr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.console_1.0.300.v20131113-1212.jar svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4_default_winxp_olv.css svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\6478_24x24x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\contrast-white\applist.targetsize-64_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\apppackageapplist.targetsize-32_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\zm_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\apptiles\contrast-white\mapsmedtile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxspeechtotextoverlay_1.14.2002.0_neutral_split.scale-100_8wekyb3d8bbwe\appxsignature.p7x svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\js\nls\ui-strings.js svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\fsdefinitions\main\base_altgr.xml svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-modules-print_ja.jar svchost.exe File opened for modification C:\program files\videolan\vlc\lua\modules\common.luac svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\outlookmaillargetile.scale-400.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\images\logo_retina.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\unified-share\js\nls\root\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.zunevideo_10.16112.11601.0_neutral_resources.scale-125_8wekyb3d8bbwe\assets\contrast-white\widelogo.scale-125_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxa-yahoo-dark.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\az_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorapplist.targetsize-40_altform-unplated_contrast-black.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\signatures\js\nls\nl-nl\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-application.xml svchost.exe File created C:\program files\videolan\vlc\locale\si\lc_messages\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\10912_36x36x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\exchangewidetile.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\work\contrast-black\smalltile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\winstore.winmd svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.director.app.nl_ja_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\work\contrast-white\smalltile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxcalendarapplist.targetsize-64_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxidentityprovider_11.19.19003.0_x64__8wekyb3d8bbwe\resources.pri svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\s_filter-default_32.svg svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer\js\nls\fi-fi\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxcalendarapplist.targetsize-64.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\editpdf\js\nls\pl-pl\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\3838_48x48x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenoteapplist.targetsize-24.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\large\cash.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\5311_40x40x32.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-files\js\nls\tr-tr\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\task-handler\js\nls\de-de\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\hi_contrast\core_icons_hicontrast_wob.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\unified-share\js\nls\nb-no\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\jre\lib\ext\meta-index svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\home\rtl\contrast-black\smalltile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\fues\arrow.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenotepagesmalltile.scale-400.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\search-summary\js\nls\nb-no\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\videolan\vlc\locale\ko\lc_messages\vlc.mo svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxaccountssplashlogo.scale-140.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\appxsignature.p7x svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\tracker\email_all.gif svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\org-openide-windows.jar svchost.exe File created C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_neutral_~_8wekyb3d8bbwe\appxmetadata\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weatherimages\210x173\31.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\3007_20x20x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxcalendarapplist.targetsize-32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxcalendarsmalltile.scale-100.png svchost.exe File created C:\program files\common files\microsoft shared\ink\fi-fi\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenotesectionmedtile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\pl_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorapplist.targetsize-36_altform-unplated.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\acroapp\enu\cpdf_rhp.aapp svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\send-for-sign\js\nls\tr-tr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\images\stickers\thumbnails\sticker_icon_cateye.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\contrast-black\applist.targetsize-32_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\eu_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_2015.7906.42257.0_neutral_~_8wekyb3d8bbwe\appxblockmap.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\work\rtl\contrast-white\medtile.scale-200.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\task-handler\js\nls\root\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\contrast-white\apppackageapplist.targetsize-48_altform-unplated_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_x64__8wekyb3d8bbwe\assets\starttile.dualsim1.smile.small.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenoteapplist.targetsize-16_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenotereplay_white.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\send-for-sign\js\nls\tr-tr\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_neutral_split.scale-140_8wekyb3d8bbwe\assets\office\planecutmove.scale-140.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\logos\badgelogo\paintapplist.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxa-googlecloudcache-light.scale-240.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\progress_spinner_dark.gif svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\search-summary\js\nls\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\howtoplay\freecell\goal_7.jpg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\s_unshare_18.svg svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\exportpdfupsell-app\js\nls\sk-sk\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-openide-util-enumerations_zh_cn.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\7205_32x32x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\assets\gamesxboxhubstorelogo.scale-100.png svchost.exe File created C:\program files\windowsapps\microsoft.advertising.xaml_10.0.1605.0_x64__8wekyb3d8bbwe\microsoft.system.package.metadata\autogen\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\xs_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\9724_40x40x32.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\js\nls\hu-hu\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxa-exchange.scale-125.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\tracker\reviewers.gif svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\embossbitmaps\arrow_icon.png svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\car\rtl\contrast-white\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\autumn\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\assets\insiderhubmedtile.scale-200_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\place\rtl\contrast-white\smalltile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\assets\gamesxboxhubsmalltile.scale-100.png svchost.exe File opened for modification C:\program files\java\jre1.8.0_66\lib\javafx.properties svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\calculatormedtile.contrast-black_scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\assets\insiderhubapplist.targetsize-16_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\assets\insiderhubapplist.targetsize-24_contrast-black.png svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\home\contrast-white\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.flightrecorder.controlpanel.ui_5.5.0.165303.jar svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\profiler\lib\locale\jfluid-server_ja.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\lumia.viewerplugin\assets\iconeditmoment.contrast-high_scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\1937_40x40x32.png svchost.exe File opened for modification C:\program files (x86)\common files\microsoft shared\stationery\shadesofblue.jpg svchost.exe File opened for modification C:\program files\videolan\vlc\locale\eu\lc_messages\vlc.mo svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_x64__8wekyb3d8bbwe\tee\en-gb.postaladdress.model svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\car\rtl\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\txp_flight_dark.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\cortanacommands.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-white\mapsapplist.targetsize-60_altform-unplated_contrast-white.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\aicuc\css\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-files\images\icons_ie8.gif svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-files\js\nls\pt-br\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\signatures\js\nls\da-dk\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\jre\lib\deploy\messages_zh_tw.properties svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.security_1.2.0.v20130424-1801.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_x64__8wekyb3d8bbwe\assets\badgelogo1.targetsize-16.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\cl_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\assets\insiderhubapplist.targetsize-256_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\work\contrast-black\smalltile.scale-100.png svchost.exe File created C:\program files\videolan\vlc\plugins\video_chroma\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\contrast-black\applist.targetsize-64_contrast-black.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\uss-search\js\nls\fr-fr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\office\projectionplanar.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorapplist.targetsize-24.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\appxsignature.p7x svchost.exe File opened for modification C:\program files\windowspowershell\modules\pester\3.4.0\functions\context.tests.ps1 svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\a12_spinner_int_2x.gif svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\org-netbeans-modules-masterfs-nio2.jar svchost.exe File created C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\assets\text\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\alarmsapplist.contrast-black_targetsize-80.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorlargetile.contrast-white_scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\genericmaillargetile.scale-150.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\s_ellipses_selected-hover.svg svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\activity-badge\js\nls\nl-nl\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\walk-through\js\nls\da-dk\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\en-us\split.avi svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\ant-javafx.jar svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-jvmstat.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\beach\mask\1s.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\work\ltr\medtile.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\add-account\js\nls\pt-br\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.emf.common_2.10.1.v20140901-1043\meta-inf\eclipse_.sf svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\apppackageapplist.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.xaml.toolkit\assets\xboxcontrol\xbox-over.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-white\storeapplist.targetsize-60.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\add-account\js\nls\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.zunevideo_10.16112.11601.0_neutral_resources.scale-125_8wekyb3d8bbwe\assets\contrast-white\largelogo.scale-125_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\logos\square44x44\paintapplist.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxmailwidetile.scale-200.png svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_2017.209.105.0_neutral_~_8wekyb3d8bbwe\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\common files\system\msadc\en-us\msdaremr.dll.mui svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ecf.provider.filetransfer_3.2.200.v20140827-1444.jar svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-netbeans-modules-editor-mimelookup-impl.xml svchost.exe File created C:\program files\videolan\vlc\locale\bs\lc_messages\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\workflow\icon_printer.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\assets\windowsicons\windowscameramedtile.contrast-white_scale-100.png svchost.exe File created C:\program files\videolan\vlc\locale\bn\lc_messages\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\km_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\outlookmailbadge.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\s_delete_18.svg svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\jre\lib\deploy\messages_pt_br.properties svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenotepagemedtile.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxcalendarsplashlogo.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxa-googlecloudcache-light.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\apptiles\mapsapplist.targetsize-36_altform-unplated.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\file_types\themes\dark\acrobat_pdf.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\add-account\css\main.css svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\app-center\js\nls\hr-hr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\windows media player\media renderer\renderingcontrol_dmp.xml svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\db\lib\derbyclient.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.starclub\assets\pin\155x105.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\genericmaillargetile.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\svgcheckboxunselected.svg svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\createpdfupsell-app\js\nls\ja-jp\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\common files\microsoft shared\stationery\peacock.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_neutral_split.scale-180_8wekyb3d8bbwe\assets\office\rotate.scale-180.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\assets\getstartedapplist.targetsize-60.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\icons\spider_menu_icon.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\peoplemedtile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\stopwatchsmalltile.contrast-white_scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\exchangelargetile.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\s_filterselected-disabled_32.svg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\howtoplay\spider\goal_1.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\apptiles\mapsapplist.targetsize-48.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\js\nls\sv-se\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\reviews\js\nls\sk-sk\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\reference assemblies\microsoft\framework\v3.0\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\5478_32x32x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\genericmailwidetile.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\assets\apptiles\storeapplist.targetsize-80_altform-unplated.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\aicuc\js\nls\de-de\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\images\themeless\appstore\download_on_the_app_store_badge_pl_135x40.svg svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\task-handler\js\nls\en-gb\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_x64__8wekyb3d8bbwe\assets\peoplewidetile.scale-200.png svchost.exe File opened for modification C:\program files\7-zip\lang\co.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-netbeans-modules-autoupdate-cli.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themecreation\show_icon.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\assets\photosmedtile.contrast-white_scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\images\ratings\yelp10.scale-100.png svchost.exe File opened for modification C:\program files (x86)\windows media player\media renderer\dmr_48.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftstickynotes_1.4.101.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\square310x310logo.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\gg_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\assets\photosapplist.targetsize-24_altform-colorize.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\place\rtl\largetile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\contrast-white\applist.targetsize-48_altform-unplated_contrast-white.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\acroapp\enu\review_rhp.aapp svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\livetiles\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\createpdfupsell-app\images\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\digsig\js\nls\ja-jp\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\walk-through\js\nls\nb-no\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\small\worried.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\combinepdf\js\nls\fi-fi\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\microsoft.system.package.metadata\s-1-5-21-1231583446-2617009595-2137880041-1000-mergedresources-0.pri svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\car\ltr\contrast-black\widetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\voices\en-us\en-us_female_tts\skin_en-us_female_tts.lua svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sign-services-auth\js\nls\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\db\lib\derbylocale_it.jar svchost.exe File opened for modification C:\program files\windowspowershell\modules\pester\3.4.0\functions\assertions\beoftype.ps1 svchost.exe File opened for modification C:\program files\7-zip\lang\yo.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\pk_60x42.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\js\nls\fi-fi\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\assets\getstartedapplist.targetsize-20.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\images\printandshare\glyph_0xe7cb.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sample-files\js\nls\eu-es\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\common files\adobe\reader\dc\linguistics\providers\plugins2\adobehunspellplugin\dictionaries\en_ca\readme_en_ca.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxcalendarapplist.targetsize-96_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\assets\insiderhubapplist.targetsize-40_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\applist.targetsize-36.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sample-files\js\nls\hu-hu\ui-strings.js svchost.exe File created C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\lumia.viewerplugin\relivesurfaces\zoompan\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorapplist.targetsize-16_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorapplist.targetsize-20_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\assets\getstartedapplist.targetsize-48.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\voicerecorderapplist.targetsize-96_altform-unplated.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\win8-scrollbar\themes\dark\arrow-right-pressed.gif svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\livetiles\microsoftsolitaireapplist.targetsize-72_altform-unplated.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\js\nls\ru-ru\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.p2.ui.overridden_5.5.0.165303.jar svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.apache.lucene.core_3.5.0.v20120725-1805.jar svchost.exe File opened for modification C:\program files\videolan\vlc\locale\te\lc_messages\vlc.mo svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowscalculator_10.1702.312.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\calculatorwidetile.contrast-white_scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\manifestassets\square44x44logo.targetsize-48.png svchost.exe File created C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\ob-preview\js\nls\hu-hu\ui-strings.js svchost.exe File opened for modification C:\program files\common files\system\msadc\adcjavas.inc svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.zunevideo_10.16112.11601.0_neutral_resources.scale-125_8wekyb3d8bbwe\assets\contrast-white\applist.scale-125_contrast-white.png svchost.exe File created C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\sr-latn-cs\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\jre\lib\images\cursors\win32_copydrop32x32.gif svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\howtoplay\pyramid\goal_7.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\assets\windowsicons\windowscameraapplist.contrast-white_targetsize-40.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\assets\gamesxboxhubapplist.targetsize-60_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\office365logowlockup.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\productcascadejda27ptswithlbflowend.mdl svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\alphabet.xml svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\db\bin\setnetworkservercp.bat svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themepreview\themes\autumn.jpg svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\home\images\themes\dark\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themecreation\aquariumdeck4.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themepreview\themes\classic.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenotepagelargetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\7656_32x32x32.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-files\images\illustrations_retina.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\uss-search\js\nls\he-il\ui-strings.js svchost.exe File opened for modification C:\program files\7-zip\lang\de.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\apptiles\contrast-black\mapslargetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_x64__8wekyb3d8bbwe\assets\logo.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\vn_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\alarmsapplist.targetsize-40.png svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\place\rtl\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\assets\gamesxboxhubapplist.targetsize-96.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxspeechtotextoverlay_1.14.2002.0_x64__8wekyb3d8bbwe\assets\gamesxboxhubwidetile.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\s_remove_18.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\add-account\js\nls\sv-se\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxmailapplist.targetsize-96_altform-unplated.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.reconciler.dropins_1.1.200.v20131119-0908.jar svchost.exe File opened for modification C:\program files\windows media player\media renderer\dmr_48.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_neutral_split.scale-200_8wekyb3d8bbwe\assets\getstartedapplist.scale-200.png svchost.exe File created C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\content\images\en-us\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxmailapplist.targetsize-48.png svchost.exe File opened for modification C:\program files\java\jre1.8.0_66\lib\management\management.properties svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowssoundrecorder_10.1702.301.0_neutral_split.scale-200_8wekyb3d8bbwe\assets\voicerecorderwidetile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\icons\statistics.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\js\nls\en-il\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\voicerecorderlogoextensions.targetsize-40.png svchost.exe File created C:\program files\java\jdk1.8.0_66\jre\bin\server\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\videolan\vlc\locale\af\lc_messages\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsfeedbackhub_1.1612.10312.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\insiderhubsplashwidetile.scale-125_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.storepurchaseapp_1.0.45.0_x64__8wekyb3d8bbwe\purchaseapp.winmd svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxcalendarmediumtile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_neutral_split.scale-100_8wekyb3d8bbwe\appxsignature.p7x svchost.exe File created C:\program files\windowsapps\microsoft.windows.photos_2016.511.9510.0_neutral_~_8wekyb3d8bbwe\appxmetadata\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\assets\apptiles\storeapplist.targetsize-64_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\contrast-black\splashscreen.scale-100_contrast-black.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\plug_ins\multimedia\mpp\quicktime.mpp svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\img\tools\line_2x.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\js\nls\da-dk\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.flightrecorder.controlpanel.ui.zh_cn_5.5.0.165303.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\small\bike.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\6124_40x40x32.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-files\js\nls\fi-fi\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\videolan\vlc\lua\http\requests\playlist.xml svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowssoundrecorder_10.1702.301.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\voicerecordermedtile.contrast-white_scale-125.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\js\nls\hr-hr\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.dailychallenges\assets\dc_holderunearned.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\ba_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\ng_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxcalendarapplist.targetsize-16_altform-unplated.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\fillandsign.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\unified-share\images\s_close_h2x.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-openide-dialogs.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxa-yahoo-light.scale-125.png svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\images\radialcontrol\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\app\dev\nls\en-il\ui-strings.js svchost.exe File created C:\program files (x86)\windows mail\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\jre\lib\accessibility.properties svchost.exe File opened for modification C:\program files\measureshow.xlsb svchost.exe File created C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_neutral_split.scale-140_8wekyb3d8bbwe\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\surfaceprofiles\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\windowspowershell\modules\microsoft.powershell.operation.validation\1.0.1\test\modules\example3.diagnostics\1.1.1\diagnostics\simple\example3a.diagnostics.tests.ps1 svchost.exe File opened for modification C:\program files (x86)\windowspowershell\modules\pester\3.4.0\snippets\shouldbelessthan.snippets.ps1xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.starclub\assets\staricon.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxmailapplist.targetsize-72_altform-unplated.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\tracker\forms_received.gif svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\reviews\images\cstm_brand_preview2x.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.historicaldata.ja_5.5.0.165303.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weatherimages\423x173\10.jpg svchost.exe File created C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\microsoft.system.package.metadata\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\reviews\js\nls\fr-fr\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\gtkhandle.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-netbeans-modules-autoupdate-services.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\gameplayassets\localization\localized_ru-ru.respack svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_neutral_split.scale-100_8wekyb3d8bbwe\resources.pri svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\ob-preview\js\nls\hu-hu\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\ob-preview\js\nls\pt-br\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\walk-through\images\themeless\s_thumbdownoutline_22_n.svg svchost.exe File created C:\program files (x86)\google\chrome\application\81.0.4044.129\locales\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\videolan\vlc\locale\oc\lc_messages\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenotepagemedtile.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\apptiles\contrast-black\mapswidetile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\contrast-white\applist.targetsize-80_altform-unplated_contrast-white.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\file_types\themes\dark\aic_file_icons_retina_thumb.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-files\js\nls\ro-ro\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\home\rtl\contrast-white\medtile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\home\contrast-white\largetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_x64__8wekyb3d8bbwe\assets\peopleapplist.targetsize-48.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\assets\navigationicons\nav_icons_settings.targetsize-48.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\draghandle.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\apptiles\contrast-white\mapssmalltile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\tournament\tournamentheaderspider.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\configuration.winmd svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenotemediumtile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\6416_48x48x32.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\tracker\distribute_form.gif svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\app-center\js\nls\pl-pl\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenotesmalltile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\home\rtl\contrast-black\smalltile.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sample-files\js\nls\root\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\howtoplay\spider\tips_3.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themecreation\commoneffects.respack svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftstickynotes_1.4.101.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\splashscreen.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\assets\windowsicons\windowscameraapplist.contrast-black_targetsize-72.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\file_types\export.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\add-account\js\nls\fi-fi\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\windowspowershell\modules\pester\3.4.0\functions\it.tests.ps1 svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftstickynotes_1.4.101.0_x64__8wekyb3d8bbwe\appxmanifest.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxa-advanced-dark.scale-250.png svchost.exe File created C:\program files\common files\microsoft shared\source engine\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowsapps\microsoft.microsoft3dviewer_1.1702.21039.0_x64__8wekyb3d8bbwe\_resources\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\10909_20x20x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenotenotebookwidetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\gh_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\linkedinboxlargetile.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\contrast-white\applist.targetsize-32_altform-unplated_contrast-white.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\home\css\main.css svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\beach\mask\mask_corners.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\js\nls\root\ui-strings.js svchost.exe File created C:\program files\videolan\vlc\locale\fa\lc_messages\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windows media player\network sharing\wmpnss_color32.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxcalendarapplist.targetsize-40_altform-unplated.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\app\dev\nls\fr-fr\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\createpdfupsell-app\js\nls\hr-hr\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\send-for-sign\js\nls\fi-fi\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\sc_60x42.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\app-center\js\nls\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\office\group.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\contrast-black\applist.targetsize-256_contrast-black.png svchost.exe File opened for modification C:\program files\videolan\vlc\lua\http\mobile_equalizer.html svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\office\planecut.scale-100.png svchost.exe File created C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\fonts\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\work\rtl\contrast-white\smalltile.scale-100.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-files\js\nls\es-es\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\images\themeless\playstore\zh-hk_get.svg svchost.exe File created C:\program files (x86)\common files\microsoft shared\ink\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\commonutils.winmd svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\alarmsapplist.targetsize-256_altform-unplated.png svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\ipshrv.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxa-advanced-light.scale-400.png svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\en-us\micaut.dll.mui svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\contrast-black\apppackageapplist.targetsize-24_altform-unplated_contrast-black.png svchost.exe File created C:\program files\windowsapps\microsoft.wallet_1.0.16328.0_neutral_~_8wekyb3d8bbwe\appxmetadata\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\signatures\js\nls\zh-cn\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\task-handler\js\nls\pt-br\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\include\jdwptransport.h svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\awards\klondike\snowfall_success_.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\large\speechless.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer\js\selector.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenotenotebooksmalltile.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenotewidetile.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenotesplashlogo.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\livetiles\directions.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\microsoft.xbox.smartglass.controls.winmd svchost.exe File opened for modification C:\program files\windowspowershell\modules\pester\3.4.0\functions\new-fixture.tests.ps1 svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\desktop-connector-files\js\nls\eu-es\ui-strings.js svchost.exe File opened for modification C:\program files\7-zip\lang\cy.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weathericons\30x30\167.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\assets\getstartedapplist.targetsize-30_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\7989_32x32x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\work\rtl\contrast-white\largetile.scale-100.png svchost.exe File created C:\program files\java\jdk1.8.0_66\jre\lib\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftstickynotes_1.4.101.0_x64__8wekyb3d8bbwe\microsoft.stickynotes.views\images\loading.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_x64__8wekyb3d8bbwe\assets\oneconnectapplist.targetsize-40.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\alarmsmedtile.contrast-white_scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxmailapplist.targetsize-96.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\files\dev\nls\en-ae\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer\images\themes\dark\s_empty_folder_state.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\viewer\nls\de-de\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenotepagemedtile.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenotesectiongroupsmalltile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenotewidetile.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\exportpdfupsell-app\js\nls\sk-sk\ui-strings.js svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\fsdefinitions\symbols\symbase.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weathericons\30x30\82.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_x64__8wekyb3d8bbwe\assets\contrast-black\peopleapplist.targetsize-256.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\alarmsmedtile.contrast-white_scale-200.png svchost.exe File created C:\program files (x86)\windows nt\accessories\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\work\ltr\contrast-black\widetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\ss_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\assets\windowsicons\windowscameraapplist.targetsize-32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\assets\windowsicons\windowscamerasplashscreen.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\1949_24x24x32.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.diagnostic.zh_cn_5.5.0.165303.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\resources\topicpage\core.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxcalendarapplist.targetsize-32.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\js\nls\cs-cz\ui-strings.js svchost.exe File opened for modification C:\program files\mozilla firefox\plugin-container.exe.sig svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowscamera_2017.125.40.0_neutral_split.scale-200_8wekyb3d8bbwe\assets\windowsicons\windowscamerawidetile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\gameplayassets\localization\localized_nl-nl.respack svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_x64__8wekyb3d8bbwe\assets\contrast-black\peoplelargetile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorapplist.targetsize-256_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\_resources\19.rsrc svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\files\dev\nls\fi-fi\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\send-for-sign\images\themes\dark\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\windowspowershell\modules\pester\3.4.0\snippets\shouldexist.snippets.ps1xml svchost.exe File created C:\program files\common files\microsoft shared\ink\languagemodel\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.launcher_1.3.0.v20140415-2008.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\animations\onenotefre_clipandadd_ltr_tablet.mp4 svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\send-for-sign\images\themes\dark\core_icons.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.zunemusic_10.16112.11621.0_neutral_resources.scale-200_8wekyb3d8bbwe\assets\contrast-black\smalllogo.scale-200_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\car\ltr\contrast-white\largetile.scale-200.png svchost.exe File created C:\program files (x86)\windows defender\en-us\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\1850_24x24x32.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\file_types\hi_contrast\aic_file_icons_hicontrast_wob.png svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\en-us\tipres.dll.mui svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\sharpdxengine\rendering\shaders\builtin\hlsl\colored.fx svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\images\themeless\appstore\download_on_the_app_store_badge_fi_135x40.svg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\10911_48x48x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\_resources\8.rsrc svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\close_x.png svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\es-es\tipresx.dll.mui svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\linkedinboxmediumtile.scale-100.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\desktop-connector-files\js\nls\hr-hr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\apptiles\contrast-black\mapssmalltile.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\s_sendforcomments_18.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\app\dev\nls\es-es\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\createpdfupsell-app\js\nls\root\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\pdf-ownership-rdr-en_us_2x.gif svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\task-handler\js\nls\en-gb\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\jre\lib\images\cursors\invalid32x32.gif svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weatherimages\423x173\0.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\sharpdxengine\rendering\shaders\builtin\hlsl\constantsperframe.fx svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenotesplashlogo.scale-200.png svchost.exe File opened for modification C:\program files (x86)\common files\system\ado\msado25.tlb svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\createpdfupsell-app\js\nls\sl-si\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\timermedtile.contrast-black_scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorapplist.targetsize-36_altform-fullcolor.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_neutral_split.scale-100_8wekyb3d8bbwe\appxmanifest.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenotesectionsmalltile.scale-400.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\search-summary\js\nls\tr-tr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\windowspowershell\modules\pester\3.4.0\functions\assertions\benullorempty.ps1 svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxmailwidetile.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenotesectiongroupmedtile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_x64__8wekyb3d8bbwe\assets\oneconnectapplist.targetsize-80.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\bi_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\xj_16x11.png svchost.exe File created C:\program files\videolan\vlc\locale\fur\lc_messages\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.xboxapp_25.25.13009.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\gamesxboxhubmedtile.scale-125_contrast-high.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.zunevideo_10.16112.11601.0_neutral_resources.scale-125_8wekyb3d8bbwe\appxblockmap.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\home\ltr\smalltile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\place\contrast-white\medtile.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\home\js\nls\ja-jp\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\embossbitmaps\smiley face_icon.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\applist.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\livetiles\microsoftsolitairesmalltile.scale-125.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\images\stickers\sticker_fur.dxt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenoteapplist.targetsize-20_altform-unplated.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-heapdump.xml svchost.exe File created C:\program files\windowsapps\microsoft.microsoftofficehub_17.8010.5926.0_x64__8wekyb3d8bbwe\appxmetadata\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\videolan\vlc\lua\http\css\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_neutral_split.scale-150_8wekyb3d8bbwe\resources.pri svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenoteapplist.targetsize-30_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\in_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxmailapplist.targetsize-24.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\assets\gamesxboxhubapplist.targetsize-36_contrast-white.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\mobilescancard_dark.pdf svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\logos\wide310x150\paintwidetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\gd_60x42.png svchost.exe File created C:\program files\windowsapps\microsoft.xboxapp_2017.113.1250.0_neutral_~_8wekyb3d8bbwe\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\s_sortedby_up_18.svg svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\unified-share\js\nls\sv-se\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\uss-search\js\nls\fr-ma\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\google\chrome\application\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\tr-tr\tipresx.dll.mui svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\tools.jar svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\apptiles\contrast-black\mapsapplist.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\manifestassets\contrast-white\storelogo.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\2475_40x40x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxa-advanced-light.scale-300.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_neutral_split.scale-150_8wekyb3d8bbwe\assets\starttile.dualsim1.sad.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\6486_20x20x32.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\editpdf\js\nls\fr-ma\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer\images\themes\dark\new_icons_retina.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer-select\js\nls\zh-tw\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\reviews\js\nls\nl-nl\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenoteapplist.targetsize-256.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\large\angry.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\vg_16x11.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\s_filterselected-dark-disabled_32.svg svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\app-center\js\nls\cs-cz\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\app-center\js\nls\de-de\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\editpdf\js\nls\en-gb\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\assets\getstartedapplist.targetsize-96_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\voices\en-us\en-us_female_tts\common.lua svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4_classic_winxp.css svchost.exe File created C:\program files\videolan\vlc\plugins\video_filter\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_x64__8wekyb3d8bbwe\resources.pri svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\large\brokenheart.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\insiderhublargetile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-black\mapsapplist.targetsize-30_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\alarmsapplist.contrast-black_targetsize-30_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\home\rtl\largetile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-white\storeapplist.targetsize-80.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\s_unshare_18.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer-select\js\nls\en-ae\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\common files\adobe\reader\dc\linguistics\providers\plugins2\adobehunspellplugin\dictionaries\en_gb\wordnet_license.txt svchost.exe File created C:\program files (x86)\common files\microsoft shared\vsta\pipeline.v10.0\addinsideadapters\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themepreview\backgrounds\background2.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_2017.131.1904.0_neutral_~_8wekyb3d8bbwe\appxsignature.p7x svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxa-yahoo-dark.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\images\ratings\yelp6.scale-200.png svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\ipsnor.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\workflow\density_hard.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.2.24002.0_neutral_~_8wekyb3d8bbwe\appxblockmap.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\jumbo\mask\11c.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_x64__8wekyb3d8bbwe\assets\oneconnectapplist.targetsize-60.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\work\rtl\contrast-black\largetile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-black\storelargetile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.dailychallenges\assets\prizehistory\3_badges_silver.png svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\classic\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.storepurchaseapp_1.0.454.0_neutral_~_8wekyb3d8bbwe\appxblockmap.xml svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer\js\nls\ca-es\ui-strings.js svchost.exe File created C:\program files\common files\microsoft shared\ink\fsdefinitions\oskmenu\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\beach\mask\13h.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\app\dev\nls\root\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\localized_images\zh-cn\playstore_icon.svg svchost.exe File created C:\program files (x86)\windows photo viewer\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxa-advanced-dark.scale-250.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windows.photos_16.511.8780.0_neutral_split.scale-125_8wekyb3d8bbwe\appxsignature.p7x svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_neutral_split.scale-140_8wekyb3d8bbwe\assets\office\centerview.scale-140.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenotesectionlargetile.scale-400.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\app-center\js\nls\nl-nl\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer\js\nls\da-dk\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\js\nls\ro-ro\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\unified-share\js\nls\es-es\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.zunemusic_10.16112.11621.0_neutral_resources.scale-200_8wekyb3d8bbwe\assets\contrast-white\logo.scale-200_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\6536_24x24x32.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer-select\images\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ui.sdk.scheduler.nl_zh_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\car\rtl\medtile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\gameplayassets\localization\localized_en-gb.respack svchost.exe File created C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenotesectiongrouplargetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\outlookmaillargetile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxspeechtotextoverlay_1.14.2002.0_x64__8wekyb3d8bbwe\resources.pri svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\ja-jp\tipresx.dll.mui svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\swipeteachingcalloutarchiveimage.layoutdir-rtl.gif svchost.exe File created C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themepreview\effects\particles.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\2708_24x24x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxcalendarapplist.targetsize-256_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\images\printandshare\glyph_0xe7d4.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-recent-files\js\nls\cs-cz\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\signatures\js\nls\ro-ro\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\js\nls\tr-tr\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-core_ja.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\assets\gamesxboxhubsmalltile.scale-100_contrast-high.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weathericons\30x30\197.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\assets\insiderhubsplashsquaretile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\apptiles\contrast-black\mapssplashscreen.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\lumia.videotk\contrasteffectps_bgra.cso svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxa-googlecloudcache-dark.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\traffichub\contrast-black\widetile.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\reviews\js\nls\ko-kr\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\2210_32x32x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\applist.targetsize-256_altform-unplated.png svchost.exe File created C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\images\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\hi_contrast\core_icons_hicontrast_bow.png svchost.exe File opened for modification C:\program files\videolan\vlc\lua\http\images\other-48.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxmailapplist.targetsize-60.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxidentityprovider_11.19.19003.0_x64__8wekyb3d8bbwe\assets\splashscreen.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer\js\nls\sl-sl\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\om_16x11.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-recent-files\js\nls\sv-se\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\find-text-2x.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\large\oliver.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\7813_32x32x32.png svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\home\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\walk-through\js\nls\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-files\images\icons.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\epl-v10.html svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftstickynotes_1.4.101.0_x64__8wekyb3d8bbwe\assets\wide310x150logo.scale-200.png svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\car\ltr\contrast-white\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\win8-scrollbar\themes\dark\arrow-up-pressed.gif svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\xaml\onenote\capturethumbnailimagecontrol.xaml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\rw_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\bg4.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\place\ltr\contrast-black\largetile.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\files\dev\nls\ro-ro\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-recent-files\js\nls\sl-si\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4_classic_win7.css svchost.exe File opened for modification C:\program files\windows defender\defendericon.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weather_tilewide.scale-200.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\app-center\js\nls\nb-no\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sign-services-auth\js\nls\hu-hu\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\unified-share\js\nls\it-it\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\lib\locale\org-openide-util-lookup_ja.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\osf\dropdownarrow_16x16x32.png svchost.exe File created C:\program files\java\jdk1.8.0_66\lib\visualvm\visualvm\modules\locale\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsstore_11701.1001.87.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\apptiles\contrast-black\splashscreen.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\8498_48x48x32.png svchost.exe File opened for modification C:\program files\7-zip\lang\vi.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\jumbo\jumbo_10h.png svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\work\ltr\contrast-white\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\images\themeless\playstore\pl_get.svg svchost.exe File opened for modification C:\program files\7-zip\lang\mn.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\jre\lib\fonts\lucidabrightregular.ttf svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\genericmailsmalltile.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\livetiles\microsoftsolitaireapplist.targetsize-40_altform-unplated.png svchost.exe File created C:\program files\windowsapps\microsoft.microsoftstickynotes_1.4.101.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\small\party.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\rw_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.vclibs.140.00_14.0.24123.0_x86__8wekyb3d8bbwe\appxmanifest.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\voicerecorderwidetile.contrast-white_scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-files\js\selector.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\large\pizza.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\aicuc\css\plugin-selectors.css svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\js\nls\nl-nl\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\images\themeless\[email protected] svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\js\nls\root\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.zunemusic_10.16112.11621.0_neutral_resources.scale-125_8wekyb3d8bbwe\assets\splashscreen.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\en-us\styles\wefgalleryonenote.css svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\3569_20x20x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxa-yahoo-dark.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\assets\insiderhubapplist.targetsize-80_altform-unplated_contrast-white.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\core\dev\nls\nl-nl\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\contrast-white\apppackageapplist.targetsize-24_altform-unplated_contrast-white.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-netbeans-swing-outline.xml svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowssoundrecorder_10.1702.301.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\voicerecordermedtile.contrast-black_scale-125.png svchost.exe File created C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\sr-cyrl-cs\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\apptiles\mapsapplist.targetsize-20_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\assets\gamesxboxhubsplashscreen.scale-100_contrast-white.png svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\ipssve.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\content\hololens\en-us\toc.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\linkedinboxwidetile.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\place\ltr\contrast-white\smalltile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\collections\contrast-black\widetile.scale-200_contrast-black.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\editpdf\js\nls\it-it\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\uss-search\js\nls\tr-tr\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\images\themeless\playstore\bg_get.svg svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\p2\org.eclipse.equinox.p2.core\cache\artifacts.xml svchost.exe File opened for modification C:\program files (x86)\windows media player\en-us\mpvis.dll.mui svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.osgi.services.nl_zh_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\catalog\shape_cone.3mf svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\assets\windowsicons\windowscameraapplist.targetsize-48.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowscamera_2017.125.40.0_neutral_split.scale-200_8wekyb3d8bbwe\assets\windowsicons\windowscameramedtile.contrast-white_scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\glow.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\nl_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxa-outlook.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxidentityprovider_11.19.19003.0_x64__8wekyb3d8bbwe\appxsignature.p7x svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\assets\skypeapplist.targetsize-256_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\linkedinboxbadge.scale-125.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\tracker\add_reviewer.gif svchost.exe File opened for modification C:\program files (x86)\google\chrome\application\81.0.4044.129\locales\ca.pak svchost.exe File opened for modification C:\program files\internet explorer\images\bing.ico svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\stopwatchmedtile.contrast-black_scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_neutral_resources.scale-150_8wekyb3d8bbwe\appxsignature.p7x svchost.exe File created C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\home\ltr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowspowershell\modules\pester\3.4.0\functions\assertions\exist.tests.ps1 svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\activity-badge\js\nls\ko-kr\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-netbeans-modules-favorites.xml svchost.exe File opened for modification C:\program files\mozilla firefox\omni.ja svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\by_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\applist.targetsize-72.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenotewidetile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_neutral_split.scale-100_kzf8qxf38zg5c\skypeapp\assets\skypemedtile.scale-100_contrast-white.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\createpdfupsell-app\js\nls\da-dk\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenotepagelargetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\alarmsapplist.contrast-black_scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\alarmsapplist.targetsize-32_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorapplist.targetsize-36.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorapplist.targetsize-36_altform-unplated_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxa-generic-light.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxcalendarlargetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-white\storeapplist.targetsize-64.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-white\storemedtile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\tz_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\7260_32x32x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\traffichub\largetile.scale-100.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\exportpdfupsell-app\js\nls\es-es\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\pages-app\js\plugin.js svchost.exe File opened for modification C:\program files\7-zip\lang\mr.txt svchost.exe File created C:\program files\windowsapps\microsoft.net.native.runtime.1.3_1.3.23901.0_x64__8wekyb3d8bbwe\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\large\punch.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\place\rtl\smalltile.scale-200.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\uss-search\js\nls\en-il\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\common files\microsoft shared\clicktorun\servicewatcherschedule.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\genericmailwidetile.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\assets\gamesxboxhubapplist.targetsize-36_altform-unplated_contrast-white.png svchost.exe File opened for modification C:\program files\windowspowershell\modules\microsoft.powershell.operation.validation\1.0.1\test\modules\example2.diagnostics\1.0.1\example2.diagnostics.psd1 svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\img\tools\x.cur svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.help.ui_4.0.100.v20140401-0608.jar svchost.exe File created C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_neutral_split.scale-125_8wekyb3d8bbwe\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\microsoft.system.package.metadata\resources.857e5af3.pri svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\small\coffee.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\js\nls\fr-fr\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\pages-app\js\nls\pt-br\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weathericons\30x30\157.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\assets\windowsicons\windowscamerasplashscreen.contrast-white_scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\applist.targetsize-96.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\buttons\solve\autosolve_button_over.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_x64__8wekyb3d8bbwe\assets\contrast-black\oneconnectmedtile.scale-200.png svchost.exe File opened for modification C:\program files\windowspowershell\modules\pester\3.4.0\snippets\shouldthrow.snippets.ps1xml svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\exportpdfupsell-app\images\example_icons2x.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\localized_images\fi-fi\appstore_icon.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\images\themeless\playstore\az_get.svg svchost.exe File opened for modification C:\program files\completedeny.pot svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\jre\lib\deploy\messages_fr.properties svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\apptiles\contrast-white\weather_badgelogo.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weatherimages\210x173\39.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_x64__8wekyb3d8bbwe\tee\en-gb.messaging.config svchost.exe File created C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\logos\badgelogo\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\logos\splashscreen\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\microsoft.xbox.smartglass.controls\canvas.xaml svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\core\dev\nls\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\app-center\js\nls\ca-es\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\herohelp\scenario3.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\contrast-white\apppackageapplist.scale-200_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\catalog\traintrackstraight.3mf svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\mt_16x11.png svchost.exe File opened for modification C:\program files\windowspowershell\modules\pester\3.4.0\pester.psm1 svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.zunevideo_10.16112.11601.0_neutral_resources.scale-200_8wekyb3d8bbwe\assets\contrast-black\movie-tvstorelogo.scale-200_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\models\email.model svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\western\western_13s.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\8794_20x20x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\linkedinboxbadge.scale-150.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\digsig\js\nls\pl-pl\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\fonts\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_x64__8wekyb3d8bbwe\assets\contrast-white\peoplelargetile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\assets\windowsicons\windowscameraapplist.targetsize-30_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\widelogo.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\exportpdfupsell-app\images\themes\dark\example_icons2x.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\coreengine\data\3dbrush\round18-10.wts svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\about.html svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\howtoplay\spider\tips_5.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\assets\windowsicons\windowscameraapplist.targetsize-64.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\activity-badge\js\nls\eu-es\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\videolan\vlc\locale\pa\lc_messages\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\awards\common\classic_speed_run_unearned_small.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\apptiles\mapsapplist.targetsize-72_altform-unplated.png svchost.exe File opened for modification C:\program files\java\jre1.8.0_66\lib\ext\dnsns.jar svchost.exe File opened for modification C:\program files\uninstallconfirm.dotx svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-files\js\nls\hr-hr\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.dailychallenges\assets\prizehistory\badges_diamond.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\bg1.jpg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\files\dev\nls\nb-no\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\apptiles\weather_tilewide.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\timersmalltile.contrast-black_scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\ob-preview\js\nls\sl-si\ui-strings.js svchost.exe File created C:\program files\common files\microsoft shared\ink\hu-hu\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\beach\mask\13s.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\tracker\server_lg.gif svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\home\images\themes\dark\files_icons.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer\js\nls\en-il\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\videolan\vlc\locale\th\lc_messages\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\paintstudio_model_cx.winmd svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenotesectionwidetile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\outlookmailsmalltile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\place\ltr\smalltile.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\add-account\js\nls\it-it\ui-strings.js svchost.exe File opened for modification C:\program files\7-zip\lang\fa.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\1937_24x24x32.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\home\js\nls\fr-fr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\5372_32x32x32.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\s_gridview.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\img\tools\text.cur svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\ob-preview\js\nls\ru-ru\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\invokeunprotect.wav svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-threaddump_ja.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.dailychallenges\assets\difficultystar.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\genericmailsmalltile.scale-200.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-recent-files\js\nls\da-dk\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\reviews\css\main.css svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\jre\copyright svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themepreview\themes\classic.mobile.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-white\mapsapplist.targetsize-36_altform-unplated_contrast-white.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\file_types\hi_contrast\aic_file_icons_hicontrast_bow.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\images\themes\dark\file_info2x.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\bz_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\assets\photosapplist.targetsize-16_altform-unplated.png svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\work\ltr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\over-arrow-navigation.svg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\dashboarddefaultthumbnail.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\buttons\undo\undo-press.mobile.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\dailychallenges\icons\pyramid.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\osf\moe_status_icons.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\6584_36x36x32.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\signatures\js\nls\ko-kr\ui-strings.js svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\ipsrom.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-black\storemedtile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxgameoverlay_1.15.2003.0_x64__8wekyb3d8bbwe\gamebartasks.winmd svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\meta-inf\manifest.mf svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.help_3.6.0.v20130326-1254.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftstickynotes_1.4.101.0_x64__8wekyb3d8bbwe\assets\square44x44logo.targetsize-256_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\winsdkfb.winmd svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\walk-through\js\nls\ja-jp\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\assets\getstartedapplist.targetsize-96_altform-unplated_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\office.png svchost.exe File created C:\program files\windowsapps\microsoft.microsoftofficehub_17.8010.5926.0_x64__8wekyb3d8bbwe\loc\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\locale\en_us\stopwords.enu svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\lt_get.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\upsell-2x.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\meta-inf\eclipse.inf svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\small\sunshine.png svchost.exe File created C:\program files\videolan\vlc\locale\sq\lc_messages\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_x64__8wekyb3d8bbwe\assets\peopleapplist.targetsize-40.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\adobe_spinner.gif svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\resource\typesupport\unicode\mappings\adobe\symbol.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_neutral_split.scale-150_8wekyb3d8bbwe\appxsignature.p7x svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\awards\freecell\alcatraz_escape_unearned_small.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.vclibs.140.00_14.0.24123.0_x64__8wekyb3d8bbwe\logo.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\activity-badge\js\nls\tr-tr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\assets\photosapplist.targetsize-20_altform-fullcolor.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\timersmalltile.contrast-black_scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxa-generic-dark.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\jumbo\jumbo_13s.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\assets\photosapplist.contrast-black_targetsize-48.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-charts.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_neutral_split.scale-140_8wekyb3d8bbwe\assets\office\planecut.scale-140.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\_resources\2.rsrc svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\embossbitmaps\multiply.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\outlookmaillargetile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\voicerecorderapplist.targetsize-32_altform-unplated.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\files\dev\nls\sv-se\ui-strings.js svchost.exe File created C:\program files\reference assemblies\microsoft\framework\v3.5\redistlist\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\s_nothumbnail_34.svg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\awards\klondike\snowfall_success_unearned_small.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\assets\photosapplist.targetsize-32_altform-colorize.png svchost.exe File opened for modification C:\program files (x86)\windows media player\media renderer\renderingcontrol.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_x64__8wekyb3d8bbwe\assets\starttile.dualsim2.surprise.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\applicationinsights.config svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\outlookmailbadge.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxcalendarmediumtile.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxmailapplist.targetsize-64_altform-unplated.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\files\dev\nls\hu-hu\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftstickynotes_1.4.101.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\square71x71logo.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\5311_40x40x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\contrast-black\applist.scale-100_contrast-black.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\s_organize_18.svg svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\search-summary\js\nls\cs-cz\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\winclassichandle.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weathericons\30x30\8.png svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\work\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\exportpdfupsell-app\js\nls\ko-kr\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\localized_images\da-dk\playstore_icon.svg svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.core.commands_3.6.100.v20140528-1422.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\lv_16x11.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\acroapp\enu\pages_r_rhp.aapp svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\images\themeless\playstore\zh-cn_get.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\unified-share\images\s_close.png svchost.exe File opened for modification C:\program files\videolan\vlc\lua\http\images\back-48.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\contrast-black\apppackageapplist.targetsize-72_altform-unplated_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\contrast-white\peopleappstorelogo.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\livetiles\offlinemapswide.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\traffichub\medtile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\aquarium\aquarium_13c.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenotesectionmedtile.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_neutral_split.scale-100_kzf8qxf38zg5c\appxblockmap.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\calculatorsmalltile.contrast-white_scale-100.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.equinox.p2.rcp.feature_1.2.0.v20140523-0116\feature.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxa-outlook.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-black\storeapplist.targetsize-20.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\meta-inf\eclipse.inf svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenotenotebookmedtile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\assets\photosapplist.targetsize-48.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\triggeractionexceptionhandlers.exsd svchost.exe File opened for modification C:\program files\videolan\vlc\lua\http\view.html svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\alarmslargetile.contrast-black_scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\976_20x20x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_neutral_split.scale-100_kzf8qxf38zg5c\skypeapp\assets\skypeapplist.scale-100_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxa-generic-dark.scale-300.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\linkedinboxlargetile.scale-125.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\app\dev\nls\ko-kr\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\desktop-connector-files\js\nls\uk-ua\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\tk_60x42.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\desktop-connector-files\js\nls\hr-hr\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\signatures\js\nls\en-ae\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-api-annotations-common_zh_cn.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_neutral_split.scale-150_8wekyb3d8bbwe\assets\logo.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorapplist.targetsize-24_altform-unplated_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\holoassets\hololens_handtracking.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\a12_spinner.gif svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\resource\typesupport\unicode\mappings\mac\symbol.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\calculatorwidetile.contrast-black_scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxa-outlook.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\send-for-sign\images\themes\dark\cloud_secured.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-selector-ui_ja.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\assets\photosapplist.contrast-white_targetsize-48.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\voicerecorderapplist.contrast-white_targetsize-256_altform-unplated.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-modules-options-keymap_zh_cn.jar svchost.exe File created C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\appxmetadata\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\search-summary\js\selector.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\7296_40x40x32.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\createpdfupsell-app\js\nls\ko-kr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.jetty.continuation_8.1.14.v20131031.jar svchost.exe File opened for modification C:\program files\videolan\vlc\locale\fy\lc_messages\vlc.mo svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\place\ltr\contrast-black\smalltile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\car\ltr\contrast-white\medtile.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\add-account\js\nls\hu-hu\ui-strings.js svchost.exe File opened for modification C:\program files\videolan\vlc\locale\cy\lc_messages\vlc.mo svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\car\rtl\contrast-black\medtile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\western\mask\mask_corners_jack.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\images\stickers\thumbnails\sticker_icon_ear.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\6365_32x32x32.png svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\buttons\solve\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenoteapplist.targetsize-64_altform-unplated.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\export.svg svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\car\rtl\smalltile.scale-125.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\uss-search\js\nls\hr-hr\ui-strings.js svchost.exe File opened for modification C:\program files\java\jre1.8.0_66\lib\images\cursors\win32_movedrop32x32.gif svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\gameplayassets\tripeaks\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\assets\windowsicons\windowscameraapplist.targetsize-20.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\illustrations_retina.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\home\images\new_icons.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\ob-preview\js\nls\sv-se\ui-strings.js svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\fsdefinitions\oskmenu\oskmenubase.xml svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\about.html svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\home\ltr\contrast-black\medtile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\livetiles\microsoftsolitaireapplist.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxmailsplashlogo.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\apptiles\mapsapplist.targetsize-30.png svchost.exe File opened for modification C:\program files\videolan\vlc\lua\http\requests\status.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\gn_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\1949_32x32x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\applist.targetsize-80.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\app\dev\nls\ro-ro\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\digsig\js\nls\fi-fi\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\common files\adobe\reader\dc\linguistics\providers\plugins2\adobehunspellplugin\comdll.x.manifest svchost.exe File created C:\program files\common files\microsoft shared\ink\sr-latn-rs\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\howtoplay\freecell\goal_5.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\mainpagestate2\freecell_bp_920.jpg svchost.exe File opened for modification C:\program files\windowspowershell\modules\pester\3.4.0\changelog.md svchost.exe File created C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\content\desktop\en-us\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorapplist.targetsize-32_altform-fullcolor.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\zxing.winmd svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\en-gb\tipresx.dll.mui svchost.exe File created C:\program files\videolan\vlc\plugins\services_discovery\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxa-generic-dark.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxa-exchange.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\exchangemediumtile.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\file_types\download.svg svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.updatechecker_1.1.200.v20131119-0908.jar svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\traffichub\contrast-white\smalltile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-black\weather_logosmall.targetsize-256.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\contrast-black\apppackageapplist.targetsize-60_altform-unplated_contrast-black.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\jre\lib\deploy\messages_sv.properties svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\apptiles\weather_tilesmallsquare.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\5606_20x20x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\iheart-radio.scale-100.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.jdp_5.5.0.165303.jar svchost.exe File opened for modification C:\program files\java\jre1.8.0_66\lib\deploy\messages_es.properties svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\exchangebadge.scale-125.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\css\main-selector.css svchost.exe File opened for modification C:\program files\videolan\vlc\lua\http\css\ui-lightness\images\ui-icons_ef8c08_256x240.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\contrast-white\apppackageapplist.targetsize-64_contrast-white.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\img\tools\@1x\themes\dark\[email protected] svchost.exe File created C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.help_2.0.102.v20141007-2301\meta-inf\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\autumn\autumn_1c.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\fonts\symbol.ttf svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\stopwatchlargetile.contrast-white_scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\img\tools\@1x\[email protected] svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.zunemusic_10.16112.11621.0_neutral_resources.scale-200_8wekyb3d8bbwe\resources.pri svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxcalendarapplist.targetsize-30.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\home\rtl\contrast-white\medtile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\microsoft.xbox.smartglass.winmd svchost.exe File created C:\program files\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.attach_5.5.0.165303.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\large\bug.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxmailapplist.targetsize-32.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench3_0.12.0.v20140227-2118.jar svchost.exe File created C:\program files (x86)\windowspowershell\modules\pester\3.4.0\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowssoundrecorder_10.1702.301.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\voicerecorderlargetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\alarmsapplist.targetsize-36_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\1937_48x48x32.png svchost.exe File opened for modification C:\program files (x86)\common files\adobe\reader\dc\linguistics\providers\plugins2\adobehunspellplugin\abbreviations\en_us\list.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-modules-keyring_zh_cn.jar svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\js\nls\zh-cn\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\traffichub\contrast-white\largetile.scale-125.png svchost.exe File opened for modification C:\program files (x86)\common files\microsoft shared\stationery\stars.htm svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsfeedbackhub_1.1612.10312.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\insiderhubsplashwidetile.scale-125_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.xboxapp_25.25.13009.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\gamesxboxhubsplashscreen.scale-125_contrast-high.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\exchangewidetile.scale-125.png svchost.exe File opened for modification C:\program files\java\jre1.8.0_66\readme.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\voicerecorderapplist.targetsize-16.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sign-services-auth\js\nls\nb-no\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\gameend\gameend_strip.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\aicuc\images\rhp_world_icon_hover.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\appxmanifest.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\co_16x11.png svchost.exe File created C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\lumia.viewerplugin\cinemagraphdelegate\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\createpdf.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\files\dev\nls\da-dk\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\digsig\images\themes\dark\s_radio_selected_18.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\download_on_the_app_store_badge_ja_135x40.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\walk-through\images\themeless\s_thumbdownoutline_22_n1.svg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\contrast-white\apppackageapplist.targetsize-48_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\howtoplay\tripeaks\goal_4.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\icons\credits.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\1849_32x32x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxcalendarmediumtile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxa-advanced-light.scale-250.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\img\themes\dark\core_icons_retina.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-recent-files\js\nls\es-es\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenotepagewidetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\assets\gamesxboxhubgamebar.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\activity-badge\js\nls\fi-fi\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\js\nls\tr-tr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\alarmswidetile.contrast-white_scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_x64__8wekyb3d8bbwe\assets\peoplesplashscreen.scale-200.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-netbeans-modules-options-api.xml svchost.exe File created C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorapplist.targetsize-36_altform-colorize.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\eml.scale-16.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\walk-through\images\close.svg svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\core\locale\org-openide-filesystems_ja.jar svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.xboxapp_25.25.13009.0_neutral_split.scale-200_8wekyb3d8bbwe\appxsignature.p7x svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weathericons\30x30\188.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\aicuc\images\themes\dark\warning.png svchost.exe File opened for modification C:\program files\java\jre1.8.0_66\lib\fonts\lucidatypewriterregular.ttf svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\spacer\4px.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\small\dull_tauri.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\uss-search\js\nls\nl-nl\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\back-arrow-down.svg svchost.exe File opened for modification C:\program files (x86)\common files\microsoft shared\ink\en-us\rtscom.dll.mui svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\fsdefinitions\symbols\ja-jp-sym.xml svchost.exe File created C:\program files\windowsapps\microsoft.net.native.runtime.1.4_1.4.24201.0_x86__8wekyb3d8bbwe\appxmetadata\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxcalendarwidetile.scale-400.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\add-account\js\nls\da-dk\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\js\nls\uk-ua\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\walk-through\js\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenotesectionsmalltile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-black\mapsapplist.targetsize-96_altform-unplated.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\app-center\js\nls\ca-es\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\ob-preview\images\themeless\index_poster.jpg svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.skypeapp_11.8.204.0_neutral_split.scale-125_kzf8qxf38zg5c\skypeapp\assets\skypetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.net.native.runtime.1.3_1.3.23901.0_x86__8wekyb3d8bbwe\logo.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenoteapplist.targetsize-256.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxcalendarbadge.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxmailsmalltile.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\s_move_18.svg svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\digsig\js\nls\ru-ru\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\signatures\js\nls\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.equinox.p2.rcp.feature_1.2.0.v20140523-0116\meta-inf\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\contrast-white\peoplelargetile.scale-100.png svchost.exe File created C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\_resources\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\exportpdfupsell-app\css\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sample-files\js\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\js\nls\de-de\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\viewer\nls\en-gb\ui-strings.js svchost.exe File opened for modification C:\program files\java\jre1.8.0_66\lib\cmm\pycc.pf svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenotesectionlargetile.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorapplist.targetsize-20_altform-unplated_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\work\smalltile.scale-200.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-recent-files\js\nls\ja-jp\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_neutral_split.scale-125_8wekyb3d8bbwe\resources.pri svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\contrast-white\apppackagestorelogo.scale-200_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\assets\insiderhubapplist.targetsize-40_altform-unplated_contrast-white.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\tracker\forms_distributed.gif svchost.exe File opened for modification C:\program files\7-zip\lang\sr-spl.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\4608_20x20x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\icon_preview_big.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\images\stickers\thumbnails\sticker_icon_marble.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-white\mapsapplist.targetsize-40_altform-unplated_contrast-white.png svchost.exe File opened for modification C:\program files\common files\system\ole db\en-us\oledb32r.dll.mui svchost.exe File opened for modification C:\program files\7-zip\lang\ro.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\go-mobile-2x.png svchost.exe File opened for modification C:\program files\mozilla firefox\accessible.tlb svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.xboxapp_25.25.13009.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\gamesxboxhubapplist.scale-125_contrast-high.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_neutral_split.scale-180_8wekyb3d8bbwe\assets\office\object.scale-180.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.net.native.runtime.1.3_1.3.23901.0_x86__8wekyb3d8bbwe\appxmetadata\codeintegrity.cat svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\10910_40x40x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\genericmaillargetile.scale-150.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\ob-preview\js\nls\nb-no\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\western\western_1c.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\signatures\js\nls\ca-es\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\windowspowershell\modules\microsoft.powershell.operation.validation\1.0.1\microsoft.powershell.operation.validation.psm1 svchost.exe File created C:\program files\windowsapps\deletedalluserpackages\microsoft.zunemusic_10.16112.11621.0_neutral_resources.scale-125_8wekyb3d8bbwe\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\embossbitmaps\oval.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\contrast-white\peoplemedtile.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\lets-get-started.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\unified-share\js\nls\de-de\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\home\ltr\smalltile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_neutral_split.scale-180_8wekyb3d8bbwe\appxblockmap.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\ye_16x11.png svchost.exe File opened for modification C:\program files (x86)\windowspowershell\modules\microsoft.powershell.operation.validation\1.0.1\microsoft.powershell.operation.validation.format.ps1xml svchost.exe File created C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\font\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\place\ltr\contrast-white\smalltile.scale-200.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.flightrecorder.configuration_5.5.0.165303.jar svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.security.ui_1.1.200.v20130626-2037.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\offsymb.ttf svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\editpdf\js\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-files\js\nls\en-il\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_neutral_split.scale-150_8wekyb3d8bbwe\assets\apptiles\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_x64__8wekyb3d8bbwe\microsoft.system.package.metadata\resources.e9aab164.pri svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\7813_40x40x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\voicerecorderapplist.targetsize-72_altform-unplated.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\js\nls\pl-pl\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.emf.ecore.xmi_2.10.1.v20140901-1043.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftofficehub_17.8010.5926.0_x64__8wekyb3d8bbwe\appxmetadata\codeintegrity.cat svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\assets\photosapplist.targetsize-20_altform-unplated_contrast-white.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\img\tools\@1x\[email protected] svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\js\nls\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\ob-preview\images\themeless\example_icons.png svchost.exe File opened for modification C:\program files (x86)\common files\microsoft shared\stationery\garden.jpg svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.equinox.p2.core.feature_1.3.0.v20140523-0116\feature.xml svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-modules-settings_zh_cn.jar svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\car\ltr\contrast-black\largetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\assets\getstartedsmalltile.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\activity-badge\js\nls\uk-ua\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\acroapp\enu\measure.aapp svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\tracker\form_responses.gif svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\js\nls\ru-ru\ui-strings.js svchost.exe File opened for modification C:\program files\java\jre1.8.0_66\lib\jfxswt.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\statistics\awardsdefinitions.xml svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\scan-2x.png svchost.exe File created C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\com.jrockit.mc.feature.flightrecorder_5.5.0.165303\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.preferences_3.5.200.v20140224-1527.jar svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-modules-queries_zh_cn.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\loadiconrtl_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\sampleheader\news.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\images\stickers\sticker_wood.dxt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_x64__8wekyb3d8bbwe\assets\contrast-white\oneconnectapplist.targetsize-48.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxcalendarapplist.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_neutral_resources.scale-150_8wekyb3d8bbwe\assets\contrast-black\logo.scale-150_contrast-black.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\viewer\nls\es-es\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.zunevideo_10.16112.11601.0_neutral_resources.scale-200_8wekyb3d8bbwe\assets\contrast-black\logo.scale-200_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\contrast-white\apppackagewidetile.scale-100_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenoteapplist.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\mm_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\8498_24x24x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_2019.16112.11621.0_neutral_~_8wekyb3d8bbwe\appxsignature.p7x svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.swt.nl_zh_4.4.0.v20140623020002.jar svchost.exe File created C:\program files\msbuild\microsoft\windows workflow foundation\v3.0\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\contrast-black\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\en-us\shapecollector.exe.mui svchost.exe File opened for modification C:\program files\windowsapps\microsoft.storepurchaseapp_1.0.45.0_x64__8wekyb3d8bbwe\appxmanifest.xml svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\createpdfupsell-app\js\nls\fr-fr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\meta-inf\eclipse_.sf svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weatherimages\423x173\4.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftstickynotes_1.4.101.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\square150x150logo.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\assets\windowsicons\windowscameraapplist.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\exportpdfupsell-app\js\nls\tr-tr\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\linkedinboxmediumtile.scale-125.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\js\nls\fr-fr\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sample-files\js\nls\zh-tw\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-black\weather_logosmall.targetsize-24.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.vclibs.140.00_14.0.24123.0_x64__8wekyb3d8bbwe\appxmetadata\codeintegrity.cat svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\download_on_the_app_store_badge_pl_135x40.svg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_neutral_split.scale-100_8wekyb3d8bbwe\appxmanifest.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\fable\fable_cardback.png svchost.exe File opened for modification C:\program files\windowspowershell\modules\pester\3.4.0\functions\in.ps1 svchost.exe File created C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\meta-inf\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.help_2.0.102.v20141007-2301\meta-inf\manifest.mf svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-spi-quicksearch_zh_cn.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-white\storeapplist.targetsize-36.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\signatures\js\nls\sv-se\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\fsdefinitions\keypad\kor-kor.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenotesmalltile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenotemediumtile.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\apptiles\contrast-white\mapsapplist.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sample-files\js\nls\eu-es\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\search-summary\js\nls\ar-ae\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\signatures\js\nls\uk-ua\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\manifestassets\square310x310logo.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_x64__8wekyb3d8bbwe\assets\badgelogo2.targetsize-54.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\8201_40x40x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorapplist.contrast-black_targetsize-30.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\homebanner.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sign-services-auth\js\selector.js svchost.exe File opened for modification C:\program files (x86)\google\chrome\application\81.0.4044.129\locales\ro.pak svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\contrast-black\apppackagesplashscreen.scale-125_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\classic\mask\11c.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenoteapplist.targetsize-24_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenotenotebookwidetile.scale-400.png svchost.exe File created C:\program files\windowsapps\microsoft.people_10.1.10531.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowsapps\microsoft.people_10.1.10531.0_x64__8wekyb3d8bbwe\assets\sounds\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_neutral_resources.scale-150_8wekyb3d8bbwe\assets\contrast-black\iheart-radio.scale-150_contrast-black.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\combinepdf\js\nls\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\unified-share\images\s_checkbox_selected_18.svg svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\ipsar.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\fileextension.targetsize-336.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\contrast-black\apppackagestorelogo.scale-125_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.starclub\assets\collection_grey.png svchost.exe File opened for modification C:\program files\7-zip\lang\id.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\gameplayassets\localization\localized_nb-no.respack svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\beach\mask\1d.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\4627_32x32x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\et_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\voices\beeps\common.lua svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\assets\apptiles\storeapplist.targetsize-256_altform-unplated.png svchost.exe File created C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\contrast-white\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_x64__8wekyb3d8bbwe\appxblockmap.xml svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\editpdf\images\themes\dark\rhp_world_icon.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\js\nls\tr-tr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.swt.nl_ja_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\appxmetadata\codeintegrity.cat svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-files\css\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\js\nls\en-il\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.flightrecorder_5.5.0.165303.jar svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\car\ltr\largetile.scale-125.png svchost.exe File created C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themepreview\cardbacks\classic.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\models\fr-fr.phonenumber.ot svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\voicerecorderapplist.contrast-white_targetsize-30.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\apple-touch-icon-114x114-precomposed.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\hi_contrast\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\common files\system\msadc\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.net.native.framework.1.3_1.3.24201.0_x64__8wekyb3d8bbwe\appxsignature.p7x svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\alarmsmedtile.contrast-black_scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\apptiles\mapsapplist.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\place\rtl\contrast-black\largetile.scale-125.png svchost.exe File created C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\contrast-black\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxcalendarsmalltile.scale-125.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\app\dev\nls\sl-si\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-heapdump_zh_cn.jar svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\work\contrast-white\medtile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_neutral_split.scale-100_8wekyb3d8bbwe\appxmanifest.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-white\weather_logosmall.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\outlookmailbadge.scale-100.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.emf.ecore_2.10.1.v20140901-1043\meta-inf\manifest.mf svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\assets\photosapplist.targetsize-96_altform-unplated_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxmailbadge.scale-400.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\uithemes\darktheme.acrotheme svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\6454_48x48x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenotenotebookmedtile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\appxsignature.p7x svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\contrast-black\applist.scale-100_contrast-black.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\s_illunosearchresults_180x160.svg svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\reviews\js\nls\da-dk\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.core_5.5.0.165303.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\gameplayassets\freecell\freecellassets.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorapplist.contrast-black_targetsize-72.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\assets\insiderhubapplist.targetsize-96_altform-unplated_contrast-white.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\js\nls\fr-ma\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\common files\system\ole db\oledbvbs.inc svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.rcp.intro.ja_5.5.0.165303.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\assets\getstartedapplist.targetsize-32_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\dailychallenges\lobbytiles\tripeaks_bp_809.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\be_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxmailapplist.targetsize-24.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\txp_package_dark.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-white\mapsapplist.targetsize-20.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\viewer\nls\da-dk\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_x64__8wekyb3d8bbwe\assets\contrast-white\peopleapplist.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\assets\retail\windows_insider_ninjacat_unicorn-128x128.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\voicerecorderapplist.contrast-black_targetsize-36_altform-unplated.png svchost.exe File opened for modification C:\program files\videolan\vlc\lua\http\dialogs\browse_window.html svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.starclub\assets\ribbon.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\6440_32x32x32.png svchost.exe File created C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\microsoft.system.package.metadata\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_x64__8wekyb3d8bbwe\assets\contrast-black\oneconnectsmalltile.scale-200.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\activity-badge\js\nls\en-gb\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-files\images\bg_pattern_rhp.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\com.jrockit.mc.feature.rcp.ja_5.5.0.165303\feature.properties svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowssoundrecorder_10.1702.301.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\voicerecorderwidetile.contrast-white_scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_x64__8wekyb3d8bbwe\assets\starttile.dualsim1.sad.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\classic\classic_1c.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenotepagemedtile.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\digsig\images\themes\dark\digsig_icons.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-files\js\nls\es-es\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\inline-error-1x.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-openide-compat_zh_cn.jar svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-oql_zh_cn.jar svchost.exe File created C:\program files\windows photo viewer\en-us\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\awards\pyramid\treasure_chamber_.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\6100_20x20x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\car\rtl\contrast-white\medtile.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\s_illuemptystateccfiles_280x192.svg svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\editpdf\js\nls\zh-cn\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-files\js\nls\sk-sk\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sample-files\js\nls\fi-fi\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\dailychallenges\largefreecelltile.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\classic\mask\1d.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\movie-tvstorelogo.scale-100.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.frameworkadmin.nl_zh_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\assets\getstartedapplist.targetsize-80_altform-unplated_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\sharpdxengine\rendering\shaders\builtin\hlsl\lightedtextured.fx svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\apptiles\contrast-black\storelargetile.scale-100.png svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\nl-nl\tipresx.dll.mui svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\p2\org.eclipse.equinox.p2.engine\profileregistry\jmc.profile\1423496937509.profile.gz svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenotemediumtile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowssoundrecorder_10.1702.301.0_neutral_split.scale-200_8wekyb3d8bbwe\assets\voicerecordersplashscreen.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\awards\common\jack_of_all_trades_.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-black\mapsapplist.targetsize-16.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\apppackagesmalltile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\images\stickers\sticker_mousenose.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\1850_20x20x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\car\ltr\contrast-white\medtile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\contrast-white\applist.targetsize-80_altform-unplated_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxmailsplashlogo.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\sampleheader\fullscreen32.png svchost.exe File opened for modification C:\program files (x86)\common files\system\en-us\wab32res.dll.mui svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\contrast-black\peoplelargetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\assets\photoslogoextensions.targetsize-129.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\progress_spinner_dark.gif svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\activity-badge\js\nls\sl-si\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\google\chrome\application\81.0.4044.129\locales\et.pak svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\assets\photossplashwidetile.png svchost.exe File opened for modification C:\program files (x86)\google\chrome\application\81.0.4044.129\locales\hu.pak svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.ds_1.4.200.v20131126-2331.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themecreation\show.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\images\stickers\thumbnails\sticker_icon_arrow.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxgameoverlay_1.15.2003.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\gamesxboxhubsplashscreen.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\files\dev\nls\sl-si\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\combinepdf\js\nls\hr-hr\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\digsig\js\nls\sl-si\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_x64__8wekyb3d8bbwe\assets\contrast-white\oneconnectapplist.targetsize-24.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxcalendarwidetile.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\applist.targetsize-72.png svchost.exe File opened for modification C:\program files (x86)\google\chrome\application\81.0.4044.129\locales\ms.pak svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\bj_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\linkedinboxmediumtile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\images\printandshare\glyph_0xea22.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\file_types\s_agreement_filetype.svg svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\send-for-sign\js\nls\nl-nl\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\stopwatchsmalltile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\3490_24x24x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxa-yahoo-dark.scale-300.png svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\home\contrast-black\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\add-account\images\bg_pattern_rhp.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\western\western_12d.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\sharpdxengine\rendering\shaders\builtin\hlsl\constantsperobjectinstanced.fx svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\assets\skypelargetile.scale-200_contrast-white.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-recent-files\js\nls\nb-no\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\js\nls\ca-es\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\large\shake.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\lu_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.starclub\assets\animation\unlocking-animation-187x169.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\unified-share\js\nls\de-de\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\feature.properties svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxcalendarsmalltile.scale-125.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\core\dev\nls\de-de\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\digsig\js\nls\pl-pl\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\js\nls\uk-ua\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\livetiles\microsoftsolitaireapplist.targetsize-32_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\326_48x48x32.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer-select\js\nls\de-de\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\js\nls\nb-no\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\pages-app\images\rhp_world_icon.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\workflow\density_hollow.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\lk_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\ms.entertainment.common.winmd svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\plug_ins\annotations\stamps\enu\dynamic.pdf svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\tracker\tr.gif svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.zunemusic_10.16112.11621.0_neutral_resources.scale-200_8wekyb3d8bbwe\assets\contrast-white\applist.scale-200_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\8041_40x40x32.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-recent-files\js\nls\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui_5.5.0.165303.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\uz_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorapplist.targetsize-20_altform-unplated_contrast-black.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\plug_ins3d\3difr.x3d svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.dailychallenges\assets\prizehistory\3_badges_gold.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\awards\challenge\become_a_star_unearned_small.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\3416_24x24x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\livetiles\turnbyturnwide.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\com.jrockit.mc.feature.flightrecorder_5.5.0.165303\feature.properties svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\workflow\density_selected_medium.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\lumia.viewerplugin\jpegsurface\jpegcontrol.xaml svchost.exe File opened for modification C:\program files (x86)\windowspowershell\modules\pester\3.4.0\snippets\it.snippets.ps1xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\logos\splashscreen\paintsplashscreen.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\lb_16x11.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\add-account\js\nls\sl-si\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\ob-preview\js\nls\sk-sk\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\models\it-it.phonenumber.ot svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\svgcheckboxselected.svg svchost.exe File created C:\program files\windowsapps\deletedalluserpackages\microsoft.zunemusic_10.16112.11621.0_neutral_resources.scale-125_8wekyb3d8bbwe\assets\contrast-white\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenotesectionsmalltile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\uz_60x42.png svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\collections\contrast-black\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer-select\js\nls\pl-pl\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\js\home-view\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\google\chrome\application\81.0.4044.129\locales\fr.pak svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\org-netbeans-modules-masterfs.jar svchost.exe File created C:\program files\java\jre1.8.0_66\bin\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\10178_24x24x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenoteapplist.targetsize-54_altform-unplated.png svchost.exe File opened for modification C:\program files\windowspowershell\modules\pester\3.4.0\functions\assertions\belike.ps1 svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\6528_36x36x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_x64__8wekyb3d8bbwe\assets\contrast-white\peopleapplist.targetsize-256.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\editpdf\js\nls\en-il\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sign-services-auth\js\nls\uk-ua\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\jre\lib\management\jmxremote.access svchost.exe File opened for modification C:\program files\java\jre1.8.0_66\lib\deploy\messages_zh_cn.properties svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themepreview\backgrounds\background1.png svchost.exe File opened for modification C:\program files\switchrestore.mpp svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\car\rtl\contrast-black\smalltile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\starclub\challenge_klondike.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxmailsplashlogo.scale-300.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\car\rtl\widetile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\music_welcome_page3.jpg svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\appxblockmap.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_neutral_split.scale-200_8wekyb3d8bbwe\assets\getstartedwidetile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_x64__8wekyb3d8bbwe\assets\badgelogo2.targetsize-16.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.storepurchaseapp_1.0.45.0_x64__8wekyb3d8bbwe\appxsignature.p7x svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxmailapplist.targetsize-36_altform-unplated.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\createpdfupsell-app\js\nls\pl-pl\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\home\contrast-white\widetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\offsymsb.ttf svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\app\dev\nls\root\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\signatures\images\themes\dark\share_icons.png svchost.exe File opened for modification C:\program files (x86)\common files\system\ole db\en-us\oledb32r.dll.mui svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-openide-actions.xml svchost.exe File created C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\10290_20x20x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-white\mapsapplist.targetsize-48_altform-unplated_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\contrast-white\smalllogo.scale-100_contrast-white.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\app\dev\nls\tr-tr\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\alarmsapplist.contrast-white_targetsize-30.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\app-center\js\nls\fr-fr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\fsdefinitions\oskclearui\oskclearuibase.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\icons\friends_activity.png svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themepreview\backgrounds\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\car\rtl\medtile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenotesectionwidetile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\ro_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\outlookmaillargetile.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\_resources\17.rsrc svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\acrocef\snapshot_blob.bin svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\editpdf\css\main-selector.css svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\gameplayassets\localization\localized_el-gr.respack svchost.exe File opened for modification C:\program files\windowsapps\microsoft.net.native.runtime.1.4_1.4.24201.0_x86__8wekyb3d8bbwe\appxsignature.p7x svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\exchangemediumtile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\networkmanifest.xml svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\s_sendforsignature_18.svg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\collections\widetile.scale-100.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sign-services-auth\js\nls\eu-es\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxmailapplist.targetsize-72_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\applist.targetsize-40.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\uss-search\js\nls\da-dk\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsstore_11701.1001.87.0_neutral_split.scale-125_8wekyb3d8bbwe\resources.pri svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_neutral_split.scale-200_8wekyb3d8bbwe\assets\getstartedmedtile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\aquarium\mask\11d.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\contrast-white\applist.targetsize-40_altform-unplated_contrast-white.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\acrocef\cef_100_percent.pak svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\resource\typesupport\unicode\mappings\mac\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\jre\lib\ext\access-bridge-64.jar svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\profiler\update_tracking\org-netbeans-modules-profiler-selector-ui.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\7205_20x20x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_x64__8wekyb3d8bbwe\assets\oneconnectapplist.targetsize-64.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-heapdump.jar svchost.exe File created C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\microsoft.system.package.metadata\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\assets\getstartedapplist.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\images\stickers\sticker_rainbow.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\lumia.videotk\alphablendingeffectps_uv.cso svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\microsoft.system.package.metadata\s-1-5-21-1231583446-2617009595-2137880041-1000-mergedresources-0.pri svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\7834_20x20x32.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\add-account\images\bg_patterns_header.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\chrome-ext.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\pages-app\js\nls\root\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\10393_36x36x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\5606_40x40x32.png svchost.exe File created C:\program files\windowsapps\microsoft.microsoftofficehub_17.8010.5926.0_x64__8wekyb3d8bbwe\office16\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\signatures\js\nls\ru-ru\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\xboxcontrol\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\images\themeless\playstore\ro_get.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\uss-search\js\nls\nb-no\ui-strings.js svchost.exe File opened for modification C:\program files\java\jre1.8.0_66\lib\jce.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\tournament\avatar.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\sn_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\linkedinboxwidetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\music_empty_state_lifestyle.jpg svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\img\tools\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\windowspowershell\modules\pester\3.4.0\snippets\describe.snippets.ps1xml svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\dt.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_neutral_split.scale-125_8wekyb3d8bbwe\appxblockmap.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\awards\freecell\guard_duty_unearned_small.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\zw_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\assets\windowsicons\windowscameraapplist.contrast-white_targetsize-64.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxa-googlecloudcache-dark.scale-180.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\combinepdf\js\nls\en-il\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\digsig\js\nls\ja-jp\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\java\jdk1.8.0_66\jre\lib\cmm\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\java\jdk1.8.0_66\jre\lib\management\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\collections\contrast-black\smalltile.scale-125_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themepreview\effects\fireworks.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_neutral_split.scale-100_kzf8qxf38zg5c\skypeapp\assets\skypemedtile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\assets\windowsicons\windowscameraapplist.contrast-black_targetsize-256.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxmailbadge.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\file_types\themes\dark\selection-actions.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\editpdf\js\nls\hr-hr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.skypeapp_11.8.204.0_neutral_split.scale-125_kzf8qxf38zg5c\skypeapp\assets\skypewidetile.scale-125_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.advertising.xaml_10.0.1605.0_x86__8wekyb3d8bbwe\appxmanifest.xml svchost.exe File created C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_neutral_~_kzf8qxf38zg5c\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-black\storeapplist.targetsize-96.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\aquarium\aquarium_12c.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\genericmailmediumtile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\genericmaillargetile.scale-150.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\js\nls\tr-tr\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenotesectiongroupmedtile.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\inbox.winmd svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\leftnav.gif svchost.exe File created C:\program files\videolan\vlc\plugins\audio_filter\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.zunemusic_10.16112.11621.0_neutral_resources.scale-200_8wekyb3d8bbwe\assets\contrast-black\largelogo.scale-200_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\gq_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\assets\insiderhubapplist.targetsize-32_altform-unplated.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\images\themes\dark\share_icons2x.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\jre\lib\images\cursors\win32_linkdrop32x32.gif svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.e4.ui.model.workbench.nl_zh_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftstickynotes_1.4.101.0_x64__8wekyb3d8bbwe\_resources\index.txt svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\howtoplay\dailychallenges\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\localized_images\fi-fi\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\localized_images\ko-kr\playstore_icon.svg svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-attach_ja.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.dailychallenges\assets\prizehistory\awards_silver.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_x64__8wekyb3d8bbwe\assets\contrast-black\peopleappstorelogo.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_x64__8wekyb3d8bbwe\assets\fonts\pplmdl2.1.69.ttf svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\mobileacrobatcard_light.pdf svchost.exe File opened for modification C:\program files (x86)\windowspowershell\modules\pester\3.4.0\functions\it.ps1 svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.zunemusic_10.16112.11621.0_neutral_resources.scale-200_8wekyb3d8bbwe\assets\contrast-white\smalllogo.scale-200_contrast-white.png svchost.exe File created C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\videos\help\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\timermedtile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\work\ltr\contrast-white\medtile.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer-select\js\nls\en-gb\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themepreview\effects\bubbles.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\smileydefs.xml svchost.exe File opened for modification C:\program files (x86)\windowspowershell\modules\pester\3.4.0\snippets\shouldnotmatch.snippets.ps1xml svchost.exe File opened for modification C:\program files\java\jre1.8.0_66\lib\psfontj2d.properties svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windows.photos_16.511.8780.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\photoswidetile.scale-125.png svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\howtoplay\spider\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\icons\icon_windowed.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\de_16x11.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\libs\jquery.ui.touch-punch\0.2.2\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\img\tools\check.cur svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sample-files\js\nls\ro-ro\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\unified-share\js\nls\root\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\google\chrome\application\81.0.4044.129\locales\de.pak svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\traceprovider.winmd svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\exchangesmalltile.scale-100.png svchost.exe File created C:\program files\windowsapps\microsoft.xboxgameoverlay_1.15.2003.0_x64__8wekyb3d8bbwe\microsoft.system.package.metadata\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\app-center\images\themeless\mobile_scan_logo.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\img\tools\themes\dark\check_2x.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxcalendarapplist.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_neutral_resources.scale-150_8wekyb3d8bbwe\assets\musicstorelogo.scale-150.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\cryptocme.sig svchost.exe File opened for modification C:\program files\videolan\vlc\locale\ach\lc_messages\vlc.mo svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\apppackageapplist.targetsize-80.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\images\printandshare\glyph_0xe7d2.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\app\dev\nls\cs-cz\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-black\mapsapplist.targetsize-96.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\pages-app\images\themes\dark\rhp_world_icon_2x.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.advertising.xaml_10.0.1605.0_x86__8wekyb3d8bbwe\logo.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\assets\gamesxboxhubapplist.targetsize-24_altform-unplated_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.awards\assets\awards_sign_in_tile.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\1849_24x24x32.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\home\js\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.vclibs.140.00_14.0.24123.0_x86__8wekyb3d8bbwe\appxsignature.p7x svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\voicerecorderapplist.contrast-black_targetsize-96_altform-unplated.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sign-services-auth\js\nls\hr-hr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.metadata.repository.nl_zh_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\images\stickers\thumbnails\sticker_icon_kiss.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenotenotebooklargetile.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\gu_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\apptiles\mapsbadgelogo.scale-100.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\app\dev\nls\sk-sk\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.core.resources_3.9.1.v20140825-1431.jar svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\etc\visualvm.clusters svchost.exe File opened for modification C:\program files\videolan\vlc\lua\playlist\koreus.luac svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\images\stickers\sticker_glasses.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\1249_24x24x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\assets\photosapplist.contrast-white_targetsize-96.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\signatures\js\nls\hr-hr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\videolan\vlc\locale\el\lc_messages\vlc.mo svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_x64__8wekyb3d8bbwe\resources.pri svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenotepagelargetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_x64__8wekyb3d8bbwe\resources.pri svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxspeechtotextoverlay_1.14.2002.0_neutral_split.scale-100_8wekyb3d8bbwe\appxblockmap.xml svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\ru_get.svg svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_zh_4.4.0.v20140623020002\epl-v10.html svchost.exe File created C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\apptiles\contrast-black\mapsstorelogo.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\linkedinboxbadge.scale-100.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\uss-search\js\nls\sl-sl\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\buttons\giveup\giveup-press.png svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\place\ltr\contrast-black\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\common files\system\en-us\wab32res.dll.mui svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\profiler\update_tracking\org-netbeans-modules-profiler-attach.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.dailychallenges\assets\prizehistory\3_badges_bronze.png svchost.exe File created C:\program files (x86)\mozilla maintenance service\logs\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\to_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\assets\photosapplist.targetsize-64_altform-fullcolor.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\profiler\modules\org-netbeans-modules-profiler-selector-api.jar svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowscalculator_10.1702.312.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\calculatorsmalltile.contrast-white_scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_x64__8wekyb3d8bbwe\microsoft.people.relevance.winmd svchost.exe File opened for modification C:\program files (x86)\common files\system\ado\msado26.tlb svchost.exe File created C:\program files\videolan\vlc\locale\or\lc_messages\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\premium_base.jpg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\acroapp\enu\epdf_rhp.aapp svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\files\dev\nls\zh-cn\ui-strings.js svchost.exe File opened for modification C:\program files\videolan\vlc\locale\hu\lc_messages\vlc.mo svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_x64__8wekyb3d8bbwe\tee\es-es.messaging.config svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.awards\assets\awards_cup.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themecreation\effects\effects_lobby_particles.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\genericmailsmalltile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxcalendarsplashlogo.scale-250.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\contrast-white\applist.targetsize-36_altform-unplated_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\apptiles\contrast-black\storewidetile.scale-100.png svchost.exe File opened for modification C:\program files (x86)\google\chrome\application\81.0.4044.129\locales\sv.pak svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.zunevideo_10.16112.11601.0_neutral_resources.scale-125_8wekyb3d8bbwe\assets\logo.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themepreview\effects\leave02.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_x64__8wekyb3d8bbwe\assets\contrast-black\oneconnectapplist.targetsize-32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\hk_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\linkedinboxsmalltile.scale-125.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\desktop-connector-files\js\nls\ko-kr\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\java\jdk1.8.0_66\lib\visualvm\visualvm\modules\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\surfaceprofiles\canvas12oz_512x512.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\small\devil.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\assets\photoslogoextensions.targetsize-336.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\_resources\9.rsrc svchost.exe File opened for modification C:\program files\windowspowershell\modules\pester\3.4.0\examples\validator\validator.tests.ps1 svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\desktop-connector-files\js\nls\sk-sk\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\4632_20x20x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\large\heart.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\activity-badge\js\nls\ru-ru\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-files\js\nls\ru-ru\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\common files\microsoft shared\msenv\publicassemblies\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windows.photos_16.511.8780.0_neutral_split.scale-125_8wekyb3d8bbwe\lumia.viewerplugin\assets\iconeditmoment.contrast-white_scale-125.png svchost.exe File opened for modification C:\program files (x86)\windowspowershell\modules\pester\3.4.0\snippets\shouldcontain.snippets.ps1xml svchost.exe File created C:\program files\videolan\vlc\plugins\keystore\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\howtoplay\tips_4.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\sharpdxengine\rendering\shaders\builtin\bin\fullscreenquad_ps.fxo svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\css\main-cef-win.css svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\s_sortedby_selected_18.svg svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\appxsignature.p7x svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.xaml.toolkit\assets\xboxcontrol\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\10910_48x48x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\oneconnectsplashscreen.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_x64__8wekyb3d8bbwe\assets\contrast-white\oneconnectwidetile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_neutral_resources.scale-150_8wekyb3d8bbwe\assets\contrast-white\iheart-radio.scale-150_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\spacer\7px.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\_resources\7.rsrc svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\localized_images\da-dk\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\large\tumbleweed.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\microsoft.cpub.backgroundtasks.winmd svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_neutral_split.scale-100_8wekyb3d8bbwe\appxblockmap.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\linkedinboxbadge.scale-100.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\home\js\nls\es-es\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\improved-office-to-pdf.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\unified-share\js\nls\ko-kr\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\uss-search\js\nls\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themecreation\westerndeck4.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftstickynotes_1.4.101.0_x64__8wekyb3d8bbwe\assets\square44x44logo.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\1938_32x32x32.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\files\dev\nls\pl-pl\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\js\nls\zh-tw\ui-strings.js svchost.exe File opened for modification C:\program files\videolan\vlc\lua\playlist\anevia_xml.luac svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_x64__8wekyb3d8bbwe\assets\starttile.dualsim1.sad.small.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenotesectionlargetile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorapplist.contrast-white_targetsize-16.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxmailwidetile.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\assets\windowsicons\windowscameraapplist.contrast-white_targetsize-72.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\voicerecorderapplist.contrast-white_targetsize-60_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\aquarium\mask\1h.png svchost.exe File created C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\osf\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\assets\photosapplist.contrast-white_targetsize-40.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\microsoft.system.package.metadata\s-1-5-21-1231583446-2617009595-2137880041-1000-mergedresources-0.pri svchost.exe File created C:\program files\java\jdk1.8.0_66\lib\missioncontrol\configuration\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.emf.common_2.10.1.v20140901-1043\feature.properties svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-profiling.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\logos\square150x150\paintmedtile.scale-150.png svchost.exe File opened for modification C:\program files\windowspowershell\modules\pester\3.4.0\nunit_schema_2.5.xsd svchost.exe File created C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsstore_11701.1001.87.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\apptiles\contrast-black\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\icons\themes.png svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\place\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\winstore\resources\assets\rt_icons_spilt_42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\applist.targetsize-60_altform-unplated.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.touchpoint.natives_1.1.100.v20140523-0116.jar svchost.exe File created C:\program files\videolan\vlc\locale\sl\lc_messages\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowssoundrecorder_10.1702.301.0_neutral_split.scale-200_8wekyb3d8bbwe\assets\voicerecordersmalltile.contrast-white_scale-200.png svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.dailychallenges\assets\audio\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\livetiles\trafficwide.png svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\home\ltr\contrast-black\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\add-account\images\new_icons_retina.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\localized_images\tr-tr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\idtemplates\enu\defaultid.pdf svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\logo_retina.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\workflow\density_selected_light.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenotepagemedtile.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_x64__8wekyb3d8bbwe\assets\contrast-black\oneconnectapplist.targetsize-20.png svchost.exe File created C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\appxmetadata\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\car\rtl\medtile.scale-100.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\js\nls\ja-jp\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer\css\main.css svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\resource\typesupport\unicode\mappings\mac\romanian.txt svchost.exe File opened for modification C:\program files\common files\system\msadc\en-us\msadcer.dll.mui svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\jre\lib\deploy\ffjcext.zip svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\images\stickers\thumbnails\sticker_icon_eyebrow.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\generic-rhp-app\images\rhp_world_icon_2x.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\profiler\modules\locale\org-netbeans-lib-profiler-charts_ja.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\apptiles\weather_splashscreen.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftofficehub_17.8010.5926.0_x64__8wekyb3d8bbwe\appxmanifest.xml svchost.exe File created C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\en-us\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\appxblockmap.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\home\ltr\contrast-white\smalltile.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\tr_get.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\uss-search\js\nls\sk-sk\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\common files\adobe\reader\dc\linguistics\providers\plugins2\adobehunspellplugin\dictionaries\en_gb\affdescription.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sample-files\js\nls\tr-tr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\fsdefinitions\main\base_ca.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\western\mask\mask_corners_cardback.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxa-googlecloudcache-dark.scale-240.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\jre\lib\management-agent.jar svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.simpleconfigurator_1.1.0.v20131217-1203.jar svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\s_sortedby_hover_18.svg svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\alarmslargetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\beach\beach_11d.png svchost.exe File created C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\manifests\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxcalendarbadge.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer\js\nls\fi-fi\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sample-files\js\nls\pl-pl\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\common files\microsoft shared\ink\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.starclub\assets\sounds\starsflying_d_gliss.wav svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\work\rtl\contrast-white\widetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowssoundrecorder_10.1702.301.0_neutral_split.scale-200_8wekyb3d8bbwe\assets\voicerecordersplashscreen.contrast-white_scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\large\angel.png svchost.exe File created C:\program files\java\jre1.8.0_66\lib\cmm\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\autumn\autumn_cardback.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxspeechtotextoverlay_1.14.2002.0_x64__8wekyb3d8bbwe\segxbox2.ttf svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\file_types\hi_contrast\aic_file_icons_retina_thumb_highcontrast_bow.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\gameend\gameend_background_gradient.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themepreview\themes\western.jpg svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\ob-preview\js\nls\da-dk\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\js\nls\en-gb\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\assets\sounds\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\uss-search\css\main-selector.css svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\nb-no\tipresx.dll.mui svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenoteapplist.targetsize-16_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\work\ltr\contrast-black\smalltile.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\app\dev\nls\en-ae\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\contrast-white\oneconnectbadgelogo.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\small\cake.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\plugin.xml svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.skypeapp_11.8.204.0_neutral_split.scale-125_kzf8qxf38zg5c\skypeapp\assets\skypewidetile.scale-125_contrast-black.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.directorywatcher_1.1.0.v20131211-1531.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\gameplayassets\localization\localized_lt-lt.respack svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenotemediumtile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\genericmailwidetile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\alarmsapplist.targetsize-72_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\7336_32x32x32.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windows.photos_16.511.8780.0_neutral_split.scale-125_8wekyb3d8bbwe\lumia.viewerplugin\assets\iconopeninrefocus.contrast-high_scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\buttons\fullscreen\fullscreen-over.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\outlookmailwidetile.scale-150.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\img\tools\@1x\themes\dark\[email protected] svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxcalendarapplist.targetsize-40.png svchost.exe File created C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\assets\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\file_types\hi_contrast\aic_file_icons_retina_thumb_highcontrast_wob.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\images\themeless\playstore\en_get.svg svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\walk-through\js\nls\it-it\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.sun.el_2.2.0.v201303151357.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\awards\common\king_of_the_hill_.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\gameplayassets\localization\localized_ar-sa.respack svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\5034_20x20x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\st_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxcalendarapplist.targetsize-64.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\apptiles\contrast-black\storemedtile.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\send-for-sign\js\nls\es-es\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.text.nl_ja_4.4.0.v20140623020002.jar svchost.exe File created C:\program files\videolan\vlc\locale\am\lc_messages\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\home\rtl\contrast-white\largetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxgameoverlay_1.15.2003.0_x64__8wekyb3d8bbwe\gamebar.winmd svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\gy_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\iq_16x11.png svchost.exe File opened for modification C:\program files\windows media player\media renderer\dmr_48.jpg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\welcome.pdf svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\texturebitmaps\denim.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftofficehub_17.8010.5926.0_x64__8wekyb3d8bbwe\images\officeicon.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\jumbo\mask\cardback.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\xaml\onenote\optinui.xaml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\lumia.videotk\passthroughps_y.cso svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxmailbadge.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\models\fr-fr.mail.config svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\apptiles\contrast-black\mapssplashscreen.scale-100.png svchost.exe File opened for modification C:\program files\7-zip\lang\ps.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\jre\lib\fonts\lucidasansregular.ttf svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-host.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_neutral_split.scale-100_kzf8qxf38zg5c\skypeapp\assets\skypelargetile.scale-100_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\1914_32x32x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_2017.209.105.0_neutral_~_8wekyb3d8bbwe\appxmetadata\appxbundlemanifest.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\classic\classic_11h.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.net.native.runtime.1.4_1.4.24201.0_x64__8wekyb3d8bbwe\logo.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\activity-badge\css\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\combinepdf\js\nls\da-dk\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weathericons\30x30\15.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\office365logowlockup.scale-140.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\car\rtl\contrast-white\largetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\exchangebadge.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxmailmediumtile.scale-150.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\app-center\images\themeless\web_documentcloud_logo.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.xboxapp_25.25.13009.0_neutral_split.scale-200_8wekyb3d8bbwe\assets\gamesxboxhubbadgelogo.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftofficehub_2017.311.255.0_neutral_~_8wekyb3d8bbwe\appxblockmap.xml svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\js\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\common files\microsoft shared\vsto\10.0\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\_resources\1.rsrc svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_x64__8wekyb3d8bbwe\assets\peopleapplist.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_x64__8wekyb3d8bbwe\assets\peoplelargetile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\outlookmailmediumtile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_neutral_split.scale-100_8wekyb3d8bbwe\appxsignature.p7x svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\fileextension.targetsize-63.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\plugin.properties svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.publisher.nl_zh_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\er_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\traffichub\contrast-black\smalltile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\apptiles\storeapplist.scale-100.png svchost.exe File created C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.rcp_4.4.0.v20141007-2301\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\videolan\vlc\lua\modules\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.zunemusic_10.16112.11621.0_neutral_resources.scale-200_8wekyb3d8bbwe\assets\contrast-black\splashscreen.scale-200_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\dailychallenges\coinimageprogressmeter.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\small\heart.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\assets\apptiles\storelogo.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\manifestassets\contrast-black\square150x150logo.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.dailychallenges\assets\popups\goldbadgeearned.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_x64__8wekyb3d8bbwe\assets\contrast-black\oneconnectsplashscreen.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxa-advanced-light.scale-250.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\traffichub\smalltile.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\ob-preview\images\themeless\measure_poster.jpg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\add-comment.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\images\themeless\playstore\cs_get.svg svchost.exe File opened for modification C:\program files\videolan\vlc\lua\http\css\ui-lightness\images\ui-bg_gloss-wave_35_f6a828_500x100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themepreview\themes\aquarium.mobile.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxcalendarapplist.targetsize-40_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\voicerecorderapplist.contrast-black_targetsize-48_altform-unplated.png svchost.exe File opened for modification C:\program files\videolan\vlc\locale\lt\lc_messages\vlc.mo svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\mainpagestate2\create_bp_920.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\ffffff-0.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\styling\css\contentdark.css svchost.exe File opened for modification C:\program files\windows defender\en-us\eppmanifest.dll.mui svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\workflow\navcolumn_black\icon_layout.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\alarmswidetile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\place\ltr\widetile.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\ob-preview\images\themeless\review_poster.jpg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\homebanner-2x.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\localized_images\pt-br\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\theme-2x.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\signatures\js\nls\pt-br\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\core\dev\nls\ca-es\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer-select\js\nls\da-dk\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.starclub\assets\fue_2_1.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\dailychallenges\popup\coin.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\digsig\js\nls\hu-hu\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.ja_5.5.0.165303.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\sd_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\assets\insiderhubsplashwidetile.scale-200_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\work\rtl\smalltile.scale-100.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\search-summary\js\nls\sk-sk\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\assets\photosapplist.targetsize-256_altform-colorize.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\car\ltr\smalltile.scale-200.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\combinepdf\js\nls\ca-es\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\apptiles\contrast-white\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\10393_20x20x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_neutral_split.scale-125_8wekyb3d8bbwe\appxmanifest.xml svchost.exe File created C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\js\nls\ro-ro\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\js\nls\uk-ua\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\livetiles\microsoftsolitairemedtile.scale-200.jpg svchost.exe File created C:\program files\windowsapps\microsoft.net.native.runtime.1.3_1.3.23901.0_x86__8wekyb3d8bbwe\microsoft.system.package.metadata\autogen\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\task-handler\js\selector.js svchost.exe File opened for modification C:\program files\mozilla firefox\browser\features\[email protected] svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_neutral_~_8wekyb3d8bbwe\appxblockmap.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftofficehub_17.8010.5926.0_x64__8wekyb3d8bbwe\xmloffkeys\keys_offver16.xml svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sample-files\js\nls\en-ae\ui-strings.js svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\en-us\mshwlatin.dll.mui svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\jre\readme.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-modules-options-keymap_ja.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\assets\getstartedapplist.targetsize-80_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\contrast-black\peoplesmalltile.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\tracker\forms_super.gif svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\mainpage\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\timermedtile.contrast-white_scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\resource\cmap\identity-h svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_x64__8wekyb3d8bbwe\assets\starttile.dualsim2.smile.small.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\images\stickers\thumbnails\sticker_icon_dogear.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\small\sheep.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\en-us\officons.ttf svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\app\dev\nls\uk-ua\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenoteapplist.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\assets\photosapplist.targetsize-40_altform-fullcolor.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\s_reminders_18.svg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\complete.contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\xboxapp.ui\resources\images\star_qtr.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer\js\nls\it-it\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer-select\js\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\js\nls\zh-tw\ui-strings.js svchost.exe File opened for modification C:\program files\7-zip\lang\cs.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\paintstudio.cursors.winmd svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\walk-through\js\nls\root\ui-strings.js svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\images\ratings\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\10191_48x48x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\contrast-black\applist.targetsize-96_altform-unplated_contrast-black.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\core\dev\nls\zh-cn\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\generic-rhp-app\css\main-selector.css svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\western\mask\mask_corners_ace.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\img\tools\@1x\[email protected] svchost.exe File opened for modification C:\program files (x86)\google\chrome\application\81.0.4044.129\locales\ja.pak svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.jsp.jasper.registry_1.0.300.v20130327-1442.jar svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\profiler\lib\jfluid-server-15.jar svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-core.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weather_logosmall.targetsize-256_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\beach\mask\11d.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\activity-badge\js\nls\es-es\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\activity-badge\js\nls\hu-hu\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\about.html svchost.exe File opened for modification C:\program files\videolan\vlc\plugins\access\libbluray-j2se-1.0.2.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenotenotebookmedtile.scale-125.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\welcome-2x.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\js\nls\sl-si\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\images\themes\dark\file_info.png svchost.exe File opened for modification C:\program files\windowspowershell\modules\pester\3.4.0\functions\describe.ps1 svchost.exe File opened for modification C:\program files (x86)\google\chrome\application\81.0.4044.129\locales\es.pak svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\doclib.gif svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.skypeapp_11.8.204.0_neutral_split.scale-125_kzf8qxf38zg5c\skypeapp\assets\skypelargetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\work\contrast-white\largetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\fues\popup_3.jpg svchost.exe File opened for modification C:\program files\7-zip\lang\ja.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxmailbadge.scale-150.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\uss-search\js\nls\uk-ua\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-openide-dialogs_zh_cn.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\contrast-white\peopleappstorelogo.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\images\printandshare\glyph_0xe7dc.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_neutral_split.scale-180_8wekyb3d8bbwe\appxmanifest.xml svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\classic\mask\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\pdf-ownership-rdr-es_es_2x.gif svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\livetile\5px.png svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\store\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\linkedinboxwidetile.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\appxmetadata\codeintegrity.cat svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\alarmsapplist.contrast-white_targetsize-80_altform-unplated.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\createpdfupsell-app\js\plugin.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\beach\beach_13h.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_x64__8wekyb3d8bbwe\assets\contrast-white\oneconnectapplist.targetsize-72.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\alarmsapplist.contrast-white_targetsize-36_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\genericmailwidetile.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\plug_ins\annotations\stamps\enu\standardbusiness.pdf svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\combinepdf\js\nls\zh-cn\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\asl-v20.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.frameworkadmin.equinox_1.0.500.v20131211-1531.jar svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\traffichub\smalltile.scale-125.png svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.xaml.toolkit\assets\buttons\back\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\alarmsapplist.targetsize-32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxgameoverlay_1.15.2003.0_x64__8wekyb3d8bbwe\assets\gamesxboxhubstorelogo.scale-200.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\win-scrollbar\themes\dark\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-files\js\nls\ko-kr\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\common files\microsoft shared\vsto\actionspane3.xsd svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.transport.ecf.nl_zh_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenotepagemedtile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxaccountsstorelogo.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxcalendarapplist.targetsize-80_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\txp_carreservation.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\apptiles\contrast-white\storeapplist.scale-100.png svchost.exe File created C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\home\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\6445_48x48x32.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\desktop-connector-files\js\nls\sv-se\ui-strings.js svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\it-it\tipresx.dll.mui svchost.exe File opened for modification C:\program files\internet explorer\en-us\ieinstal.exe.mui svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\cx_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftstickynotes_1.4.101.0_neutral_split.scale-125_8wekyb3d8bbwe\appxblockmap.xml svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.osgi.services_3.4.0.v20140312-2051.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\contrast\builderlogo.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\linkedinboxlargetile.scale-150.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-files\js\nls\nl-nl\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\worldclockwidetile.contrast-white_scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\5665_40x40x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\genericmailwidetile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_neutral_resources.scale-150_8wekyb3d8bbwe\assets\contrast-white\widelogo.scale-150_contrast-white.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\files\dev\nls\sl-si\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\pages-app\js\nls\ja-jp\ui-strings.js svchost.exe File created C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_neutral_split.scale-140_8wekyb3d8bbwe\assets\office\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\models\it-it.mail.config svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\livetiles\microsoftsolitairelargetile.scale-100.jpg svchost.exe File created C:\program files\windowsapps\microsoft.windowscommunicationsapps_2015.7906.42257.0_neutral_~_8wekyb3d8bbwe\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_neutral_resources.scale-150_8wekyb3d8bbwe\assets\contrast-white\applist.scale-150_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_neutral_resources.scale-150_8wekyb3d8bbwe\assets\contrast-white\splashscreen.scale-150_contrast-white.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\walk-through\js\nls\sv-se\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenotewidetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\voicerecorderwidetile.contrast-black_scale-100.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\generic-rhp-app\css\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\mozilla firefox\uninstall\uninstall.log svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\assets\gamesxboxhubapplist.targetsize-40_contrast-high.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.vclibs.140.00_14.0.24123.0_x64__8wekyb3d8bbwe\appxsignature.p7x svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxmailapplist.targetsize-96.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\editpdf\images\themes\dark\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\time.winmd svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\car\ltr\contrast-black\smalltile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\assets\gamesxboxhubapplist.targetsize-64_contrast-high.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer\js\nls\zh-tw\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\workflow\icon_quality.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\apptiles\weather_tilemediumsquare.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\8268_32x32x32.png svchost.exe File opened for modification C:\program files\videolan\vlc\lua\http\requests\playlist.json svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\ug_60x42.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\js\nls\ro-ro\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\generic-rhp-app\images\rhp_world_icon_hover_2x.png svchost.exe File opened for modification C:\program files (x86)\common files\system\ole db\en-us\sqlxmlx.rll.mui svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\workflow\density_medium.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\7296_24x24x32.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\desktop-connector-files\js\nls\sl-si\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\aquarium\mask\cardback.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\worldclocklargetile.contrast-black_scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxmailapplist.targetsize-30_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\livetiles\offlinemaps.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\voicerecorderapplist.contrast-black_scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\s_listview.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\core\dev\nls\root\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\windowspowershell\modules\pester\3.4.0\functions\describe.tests.ps1 svchost.exe File opened for modification C:\program files\videolan\vlc\locale\my\lc_messages\vlc.mo svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weathericons\30x30\168.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weathericons\30x30\190.png svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\en-us\inkobj.dll.mui svchost.exe File opened for modification C:\program files\mozilla firefox\xul.dll.sig svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weatherimages\423x173\6.jpg svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\walk-through\images\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\fileicons\filelogoextensions.targetsize-64.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\images\ratings\yelplogo.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxmailapplist.targetsize-32_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\appxmanifest.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\toolkit\images\dash.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\contrast-white\applist.targetsize-96_altform-unplated_contrast-white.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\send-for-sign\js\nls\ja-jp\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\js\nls\es-es\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\reviews\js\nls\it-it\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\unified-share\js\nls\sv-se\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\microsoft.msn.shell\themes\glyphs\font\msnmdl2.ttf svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenotepagelargetile.scale-200.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\js\nls\root\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\4642_48x48x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.wallet_1.0.16328.0_x64__8wekyb3d8bbwe\images\walletstorelogo.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\s_folder-default_32.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\createpdfupsell-app\js\nls\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sign-services-auth\js\nls\ca-es\ui-strings.js svchost.exe File created C:\program files\videolan\vlc\lua\http\js\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\assets\windowsicons\windowscameraapplist.targetsize-256.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\contrast-black\peoplesplashscreen.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\7656_20x20x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\home\ltr\contrast-white\largetile.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\progress_spinner.gif svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\s_gridview_selected.svg svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\asl-v20.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxcalendarapplist.targetsize-32_altform-unplated.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\s_download_audit_report_18.svg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.net.native.runtime.1.3_1.3.23901.0_x86__8wekyb3d8bbwe\appxsignature.p7x svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\collections\contrast-black\smalltile.scale-200_contrast-black.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\unified-share\js\nls\hr-hr\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.skypeapp_11.8.204.0_neutral_split.scale-125_kzf8qxf38zg5c\skypeapp\assets\splashscreen.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\audio\coinsflytobar_d.wav svchost.exe File created C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_neutral_~_8wekyb3d8bbwe\appxmetadata\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\10191_24x24x32.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\include\win32\bridge\accessbridgecallbacks.h svchost.exe File created C:\program files\windowsapps\deletedalluserpackages\microsoft.windowssoundrecorder_10.1702.301.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themecreation\classicdeck4.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\apptiles\mapsapplist.targetsize-96.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\js\nls\it-it\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\reviews\js\nls\tr-tr\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\signatures\js\nls\ca-es\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windows media player\network sharing\wmpnss_color48.jpg svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\worldclocksmalltile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\worldclocklargetile.contrast-white_scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxmailapplist.targetsize-36_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\contrast-black\applist.targetsize-72_contrast-black.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\app-center\js\nls\zh-tw\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\combinepdf\js\plugins\rhp\combinepdf-tool-view.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\com.jrockit.mc.console.ui.notification_contexts.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_x64__8wekyb3d8bbwe\microsoft.apps.people.shared.winmd svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\np_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\alarmssplashscreen.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\models\appuri.ot svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-black\mapsapplist.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\js\nls\sk-sk\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\images\themeless\playstore\th_get.svg svchost.exe File opened for modification C:\program files\videolan\vlc\lua\modules\sandbox.luac svchost.exe File created C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\contrast-black\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\2_40x40x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxcalendarsplashlogo.scale-250.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-netbeans-core-io-ui.xml svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.zunemusic_10.16112.11621.0_neutral_resources.scale-125_8wekyb3d8bbwe\assets\contrast-black\iheart-radio.scale-125_contrast-black.png svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\car\ltr\contrast-white\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\activity-badge\js\nls\nb-no\ui-strings.js svchost.exe File opened for modification C:\program files\videolan\vlc\locale\pl\lc_messages\vlc.mo svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\jumbo\mask\mask_corners.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenoteapplist.targetsize-16_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\assets\icons\icon_rotate.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\_resources\13.rsrc svchost.exe File opened for modification C:\program files (x86)\windows photo viewer\en-us\photoviewer.dll.mui svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-coredump.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.storepurchaseapp_1.0.45.0_x64__8wekyb3d8bbwe\appxmetadata\codeintegrity.cat svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\sb_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\assets\photosapplist.targetsize-16_altform-fullcolor.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxa-advanced-dark.scale-125.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\aicuc\images\warning_2x.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\db\bin\setembeddedcp svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_neutral_resources.scale-150_8wekyb3d8bbwe\assets\applist.scale-150.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\add-account\js\nls\nl-nl\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\js\nls\fi-fi\ui-strings.js svchost.exe File opened for modification C:\program files\java\jre1.8.0_66\lib\amd64\jvm.cfg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\western\western_11h.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftstickynotes_1.4.101.0_neutral_split.scale-100_8wekyb3d8bbwe\appxmanifest.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\5665_24x24x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxcalendarapplist.targetsize-96.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.jsp.jasper_1.0.400.v20130327-1442.jar svchost.exe File created C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\attribution\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\assets\getstartedapplist.targetsize-30_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\images\stickers\sticker_eyelasheye.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\images\stickers\thumbnails\sticker_icon_worriedeye.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.wallet_1.0.16328.0_neutral_~_8wekyb3d8bbwe\appxsignature.p7x svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\home\medtile.scale-200.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\db\lib\derbylocale_es.jar svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\jre\lib\deploy\messages.properties svchost.exe File created C:\program files\windows security\browsercore\en-us\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\gameplayassets\klondike\klondikeassets.xml svchost.exe File opened for modification C:\program files\windowspowershell\modules\microsoft.powershell.operation.validation\1.0.1\microsoft.powershell.operation.validation.psd1 svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\p2\org.eclipse.equinox.p2.core\cache\binary\com.jrockit.mc.rcp.product_root_5.5.0.165303 svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\spacer\6px.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\howtoplay\tripeaks\control_1.jpg svchost.exe File opened for modification C:\program files\windows media player\network sharing\wmpnss_color32.bmp svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenotepagewidetile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\peoplemedtile.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\search-summary\js\plugin.js svchost.exe File opened for modification C:\program files (x86)\windowspowershell\modules\pester\3.4.0\pester.nuspec svchost.exe File opened for modification C:\program files\windows defender\protectionmanagement_uninstall.mof svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.skypeapp_11.8.204.0_neutral_split.scale-125_kzf8qxf38zg5c\skypeapp\assets\skypetile.scale-125_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\assets\gamesxboxhubapplist.targetsize-32_altform-unplated_contrast-high.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\pages-app\images\themes\dark\rhp_world_icon_hover_2x.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\task-handler\js\nls\fi-fi\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\alarmsapplist.contrast-white_targetsize-40_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\splashscreen.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\digsig\js\nls\sl-si\ui-strings.js svchost.exe File created C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\common\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxmailapplist.targetsize-80_altform-unplated.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\unified-share\images\addressbook.png svchost.exe File opened for modification C:\program files\mozilla firefox\browser\visualelements\visualelements_70.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themecreation\lobby_deck_style_aquarium.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\exchangebadge.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\assets\insiderhubapplist.targetsize-48_altform-unplated_contrast-white.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\aicuc\js\nls\ja-jp\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\add-comment-2x.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\db\bin\dblook svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenotepagewidetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\contrast-black\oneconnectapplist.scale-125.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\activity-badge\js\nls\eu-es\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.zunevideo_10.16112.11601.0_neutral_resources.scale-200_8wekyb3d8bbwe\resources.pri svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\manifestassets\splashscreen.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\localized_images\nb-no\playstore_icon.svg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\604_40x40x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\smalllogo.scale-100.png svchost.exe File opened for modification C:\program files (x86)\windowspowershell\modules\pester\3.4.0\en-us\about_testdrive.help.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsstore_11701.1001.87.0_neutral_split.scale-125_8wekyb3d8bbwe\appxblockmap.xml svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.zunemusic_10.16112.11621.0_neutral_resources.scale-200_8wekyb3d8bbwe\assets\largelogo.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\texturebitmaps\newsprnt.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\worldclockmedtile.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\reviews\js\nls\uk-ua\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.jface.nl_ja_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\images\stickers\thumbnails\sticker_icon_eyelookingup.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-files\js\nls\ja-jp\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\unified-share\js\selector.js svchost.exe File opened for modification C:\program files (x86)\google\chrome\application\81.0.4044.129\locales\es-419.pak svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_neutral_split.scale-125_8wekyb3d8bbwe\resources.pri svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\classic\classic_12d.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\coreengine\data\3dbrush\round.mtl svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\peoplelargetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\images\ratings\yelplogo.scale-100.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sample-files\js\nls\hr-hr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\car\rtl\contrast-white\largetile.scale-200.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\aicuc\js\nls\nl-nl\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\ms_get.svg svchost.exe File created C:\program files (x86)\msbuild\microsoft\windows workflow foundation\v3.5\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowssoundrecorder_10.1702.301.0_neutral_split.scale-200_8wekyb3d8bbwe\assets\voicerecorderlargetile.contrast-white_scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\2475_20x20x32.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\virgo-new-folder.svg svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\add-account-select\css\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\js\nls\sv-se\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\tm_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\traffichub\largetile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\no_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\outlookmailwidetile.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\images\themeless\playstore\zh-tw_get.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\images\themes\dark\sat_logo_2x.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\car\ltr\smalltile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weather_logosmall.targetsize-32_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\assets\windowsicons\windowscameraapplist.targetsize-48_altform-unplated.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.reconciler.dropins.nl_ja_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\mozilla firefox\crashreporter.ini svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoft3dviewer_1.1702.21039.0_x64__8wekyb3d8bbwe\lift.transcoding.winmd svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_x64__8wekyb3d8bbwe\buildinfo.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\small\pizza.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorapplist.targetsize-64_altform-colorize.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\images\printandshare\glyph_0xe7d8.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\voicerecorderlogoextensions.targetsize-48.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.e4.core.contexts_1.3.100.v20140407-1019.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_x64__8wekyb3d8bbwe\microsoft.apps.messaging.internal.winmd svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\aw_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\8268_48x48x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\statistics\definitions.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\6478_48x48x32.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\jre\lib\cmm\ciexyz.pf svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\logos\badgelogo\paintapplist.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\alarmsapplist.contrast-white_targetsize-256.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-swing-outline_zh_cn.jar svchost.exe File opened for modification C:\program files\windows media player\en-us\wmplayer.exe.mui svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weathericons\30x30\170.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\nr_16x11.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\app-center\js\nls\eu-es\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\aquarium\mask\13c.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.help.ui.nl_zh_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\worldclocksmalltile.contrast-black_scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\alarmsapplist.contrast-black_targetsize-80_altform-unplated.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\home\js\selector.js svchost.exe File opened for modification C:\program files (x86)\windowspowershell\modules\microsoft.powershell.operation.validation\1.0.1\test\modules\example2.diagnostics\1.0.1\diagnostics\simple\example2.diagnostics.tests.ps1 svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\assets\insiderhubapplist.targetsize-256_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\apptiles\mapsapplist.targetsize-48_altform-unplated.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\uss-search\js\nls\fr-fr\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\windowspowershell\modules\pester\3.4.0\pester.psm1 svchost.exe File opened for modification C:\program files\java\jre1.8.0_66\lib\plugin.jar svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\images\ratings\yelp9.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\1914_40x40x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\genericmaillargetile.scale-100.png svchost.exe File created C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_neutral_resources.scale-150_8wekyb3d8bbwe\assets\contrast-black\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\css\main-high-contrast.css svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\images\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-core-multiview_zh_cn.jar svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\home\ltr\widetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weathericons\30x30\155.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\linkedinboxmediumtile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_neutral_split.scale-100_8wekyb3d8bbwe\appxblockmap.xml svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer-select\js\nls\root\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\10191_40x40x32.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\add-account\js\nls\da-dk\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.advertising.xaml_10.0.1605.0_x64__8wekyb3d8bbwe\logo.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\autumn\mask\12d.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenotepagesmalltile.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\8041_48x48x32.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\s_sortedby_up_hover_18.svg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\contrast-white\apppackagemedtile.scale-100_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\apptiles\contrast-white\storemedtile.scale-100.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\js\nls\de-de\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-host-remote_zh_cn.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\fi_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxcalendarmediumtile.scale-125.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-host-views_ja.jar svchost.exe File created C:\program files\java\jre1.8.0_66\lib\images\cursors\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_neutral_split.scale-180_8wekyb3d8bbwe\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\embossbitmaps\donut_icon.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themecreation\lobby_deck_style_classic.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftstickynotes_1.4.101.0_x64__8wekyb3d8bbwe\assets\yellowabstractnote.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\1938_40x40x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\linkedinboxsmalltile.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\insiderhubwidetile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\resources.pri svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\home\images\icons_retina.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\livetile\3px.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\br_60x42.png svchost.exe File created C:\program files (x86)\internet explorer\en-us\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.touchpoint.natives.nl_ja_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\jumbo\mask\12s.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\localized_images\pl-pl\appstore_icon.svg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\models\en-us.calendar.ot svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\home\ltr\contrast-white\widetile.scale-200.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\app\dev\nls\it-it\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\combinepdf\js\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\unified-share\js\nls\da-dk\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\macgrey.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\catalog\traintrackrightturn.3mf svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weathericons\30x30\20.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\awards\pyramid\mummys_boy_unearned_small.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\beach\beach_12h.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\search-summary\js\nls\fr-ma\ui-strings.js svchost.exe File created C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\place\contrast-black\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\combinepdf\js\nls\cs-cz\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer\js\nls\ar-ae\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\search-summary\css\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\assets\getstartedlargetile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\fues\background.html svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\more2.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\storelogo.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\animations\onenotefre_createnotes_ltr_tablet.mp4 svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\contrast-black\applist.targetsize-36_altform-unplated_contrast-black.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\uss-search\js\nls\es-es\ui-strings.js svchost.exe File opened for modification C:\program files\7-zip\lang\bg.txt svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\pt-br\tipresx.dll.mui svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\gameplayassets\spider\spiderassets.xml svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\css\main.css svchost.exe File opened for modification C:\program files\windowspowershell\modules\psreadline\1.2\psreadline.psm1 svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_x64__8wekyb3d8bbwe\assets\contrast-black\oneconnectapplist.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\microsoft.system.package.metadata\resources.b93b0697.pri svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\6440_48x48x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxgameoverlay_1.15.2003.0_x64__8wekyb3d8bbwe\microsoft.system.package.metadata\s-1-5-21-1231583446-2617009595-2137880041-1000-mergedresources-0.pri svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\workflow\density_solid.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\profilepic.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\car\ltr\contrast-black\largetile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\catalog\traintrackconnector.3mf svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\apptiles\contrast-black\weather_badgelogo.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\contrast-white\apppackageapplist.targetsize-256_contrast-white.png svchost.exe File created C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_neutral_~_8wekyb3d8bbwe\appxmetadata\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxmailapplist.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_neutral_resources.scale-150_8wekyb3d8bbwe\assets\contrast-white\logo.scale-150_contrast-white.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\jre\lib\fonts\lucidabrightitalic.ttf svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\resources.pri svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\plug_ins\makeaccessible.api svchost.exe File created C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\sr-latn-cs\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\assets\photosstorelogo.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\lumia.viewerplugin\assets\iconeditrichcapture.contrast-white_scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\dismiss.scale-80.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxmaillargetile.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\contrast-white\apppackagewidetile.scale-200_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\gameplayassets\localization\localized_en-us.respack svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\outlookmailsmalltile.scale-400.png svchost.exe File opened for modification C:\program files (x86)\common files\microsoft shared\stationery\roses.htm svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftstickynotes_1.4.101.0_x64__8wekyb3d8bbwe\microsoft.stickynotes.views\images\smile.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\logos\square150x150\paintmedtile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\us_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\car\rtl\contrast-white\largetile.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\hi_contrast\core_icons_highcontrast_retina.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxa-generic-dark.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\voices\en-gb\en-gb_female_tts\prompts_en-gb_tts.lua svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxgameoverlay_1.15.2003.0_x64__8wekyb3d8bbwe\assets\gamesxboxhubsmalltile.scale-200.png svchost.exe File opened for modification C:\program files\windowspowershell\modules\pester\3.4.0\functions\assertions\matchexactly.tests.ps1 svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\core\dev\nls\ro-ro\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\editpdf\js\nls\ro-ro\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer\images\themes\dark\bg_patterns_header.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\small\ninja.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\5666_20x20x32.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\acroapp\enu\protect_r_rhp.aapp svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\timerwidetile.contrast-black_scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\place\ltr\contrast-white\medtile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\assets\getstartedapplist.targetsize-20_altform-unplated_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenotepagesmalltile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\sg_60x42.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\createpdfupsell-app\js\nls\it-it\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\js\nls\nb-no\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\walk-through\images\themes\dark\close-2.svg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\applist.targetsize-64.png svchost.exe File opened for modification C:\program files\7-zip\lang\pt-br.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenotenotebooklargetile.scale-200.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\javax.xml_1.3.4.v201005080400.jar svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.director.nl_ja_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoft3dviewer_1.1702.21039.0_x64__8wekyb3d8bbwe\appxblockmap.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\voices\en-in\en-in_female_tts\prompts_en-in_tts.lua svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\combinepdf\js\nls\fr-ma\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\js\nls\fr-ma\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_neutral_split.scale-140_8wekyb3d8bbwe\assets\office\booleansubtract.scale-140.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\large\call.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\small\blushing.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.rcp.application.ja_5.5.0.165303.jar svchost.exe File opened for modification C:\program files\suspendinstall.vst svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\images\stickers\thumbnails\sticker_icon_sadmouth.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-white\mapsapplist.targetsize-24.png svchost.exe File created C:\program files (x86)\internet explorer\signup\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\icons\new-trigger-wiz.gif svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.e4.ui.services.nl_zh_4.4.0.v20140623020002.jar svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\app\dev\nls\nl-nl\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\videolan\vlc\locale\mn\lc_messages\vlc.mo svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\work\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer\js\nls\ar-ae\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.director_2.3.100.v20140224-1921.jar svchost.exe File created C:\program files\videolan\vlc\plugins\spu\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\workflow\navcolumn_black\icon_advanced layout.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\content\desktop\en-us\doc_offline_accessibility.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\timerwidetile.contrast-black_scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\contrast-black\logo.scale-100_contrast-black.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\s_filterselected-hover_32.svg svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\unified-share\js\nls\zh-tw\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-modules-autoupdate-cli_zh_cn.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenoteapplist.targetsize-36_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\jo_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\ve_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorsmalltile.contrast-white_scale-200.png svchost.exe File created C:\program files\common files\microsoft shared\ink\pt-pt\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\common files\system\en-us\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftstickynotes_1.4.101.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\storelogo.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_neutral_resources.scale-150_8wekyb3d8bbwe\assets\contrast-black\applist.scale-150_contrast-black.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\digsig\js\nls\fi-fi\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\work\ltr\contrast-white\smalltile.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\win-scrollbar\arrow-left.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\activity-badge\js\nls\en-ae\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\aicuc\js\plugins\rhp\convertpdf-rna-selector.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\5613_48x48x32.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\jvm.lib svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\manifestassets\contrast-white\square150x150logo.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\contrast-black\apppackagemedtile.scale-200_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.xaml.toolkit\assets\buttons\menu\menu_back-over.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\assets\windowsicons\windowscameraapplist.contrast-black_targetsize-48.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_neutral_resources.scale-150_8wekyb3d8bbwe\assets\splashscreen.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_x64__8wekyb3d8bbwe\assets\sounds\adding_photo.wav svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\home\ltr\largetile.scale-200.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\activity-badge\js\nls\cs-cz\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\editpdf\js\nls\sk-sk\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ql.nl_ja_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_neutral_resources.scale-150_8wekyb3d8bbwe\assets\contrast-black\largelogo.scale-150_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\10909_36x36x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxa-advanced-dark.scale-250.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\music_offline_demo_page2.jpg svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowscalculator_10.1702.312.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\calculatormedtile.contrast-black_scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themecreation\effects\effects_lobby_cherryblossoms.jpg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\add-account\js\nls\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\combinepdf\js\nls\it-it\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\exportpdfupsell-app\js\nls\fr-ma\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\configuration\org.eclipse.equinox.simpleconfigurator\bundles.info svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.starclub\assets\star-club-button_white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\western\mask\12d.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\uss-search\js\nls\cs-cz\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftofficehub_17.8010.5926.0_x64__8wekyb3d8bbwe\xmloffkeys\keys_offveroobe.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\microsoft.xbox.networktroubleshooter.winmd svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\js\nls\da-dk\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\unified-share\images\themes\dark\s_checkbox_unselected_18.svg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\logos\square44x44\paintapplist.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\assets\photosapplist.targetsize-40_altform-colorize.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\appxblockmap.xml svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-files\js\nls\eu-es\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\js\tool\plugin.js svchost.exe File created C:\program files\videolan\vlc\lua\http\requests\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftstickynotes_1.4.101.0_x64__8wekyb3d8bbwe\microsoft.input.ink.analysis.winmd svchost.exe File created C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_neutral_~_8wekyb3d8bbwe\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\js\nls\it-it\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\resource\font\zy______.pfb svchost.exe File opened for modification C:\program files (x86)\google\chrome\application\81.0.4044.129\81.0.4044.129.manifest svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\car\rtl\contrast-black\smalltile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\small\envy.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\walk-through\js\plugin.js svchost.exe File created C:\program files\internet explorer\images\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\voices\en-in\en-in_female_tts\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\uss-search\js\nls\ru-ru\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\coreengine.winmd svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxcalendarmediumtile.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\alarmsapplist.contrast-black_targetsize-36_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\collections\contrast-black\smalltile.scale-100_contrast-black.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\core\dev\nls\tr-tr\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\add-account\js\nls\de-de\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-white\weather_splashscreen.scale-200.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\combinepdf\js\nls\fr-ma\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\content\images\en-us\winlogo.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxcalendarsplashlogo.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\car\ltr\contrast-white\largetile.scale-200.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-files\js\nls\da-dk\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-files\js\nls\en-gb\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\send-for-sign\js\nls\pl-pl\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\signatures\js\nls\de-de\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\tiles\spider.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\worldclocksmalltile.scale-100.png svchost.exe File opened for modification C:\program files\windowspowershell\modules\pester\3.4.0\functions\coverage.tests.ps1 svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\digsig\images\digsig_icons_2x.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\exportpdfupsell-app\js\nls\cs-cz\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenotenotebookmedtile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\contrast-black\peoplemedtile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\outlookmailsmalltile.scale-125.png svchost.exe File created C:\program files (x86)\windowspowershell\modules\microsoft.powershell.operation.validation\1.0.1\test\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\en-us\inputpersonalization.exe.mui svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\dailychallenges\smalltripeakstile.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\car\ltr\contrast-white\widetile.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\share.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\exportpdfupsell-app\js\nls\cs-cz\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer\js\nls\hr-hr\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\viewer\nls\de-de\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\howtoplay\dailychallenges\tile1_diamond.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\search-summary\js\nls\es-es\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\awards\challenge\came_to_play_unearned_small.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\small\wfh.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxa-yahoo-dark.scale-150.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\digsig\js\nls\fr-fr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\js\nls\it-it\ui-strings.js svchost.exe File opened for modification C:\program files\java\jre1.8.0_66\lib\ext\jaccess.jar svchost.exe File created C:\program files\videolan\vlc\plugins\d3d11\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\assets\getstartedapplist.targetsize-256_contrast-white.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sign-services-auth\js\nls\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\content\desktop\en-gb\doc_offline_speechrecognition.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\place\rtl\contrast-black\smalltile.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\send-for-sign\images\s_agreement_filetype.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\editpdf\js\nls\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\js\nls\pt-br\ui-strings.js svchost.exe File created C:\program files\common files\microsoft shared\vsto\10.0\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\home\contrast-white\smalltile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_neutral_split.scale-200_8wekyb3d8bbwe\assets\getstartedwidetile.scale-200_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\splashscreen\solitaireupperleftimage_large.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\7260_48x48x32.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\exportpdfupsell-app\js\nls\eu-es\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\js\nls\ru-ru\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenotesectiongroupsmalltile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\assets\photosapplist.targetsize-24_altform-unplated_contrast-white.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\signatures\images\themes\dark\dd_arrow_small2x.png svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\fsdefinitions\keypad\keypadbase.xml svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-modules-settings_ja.jar svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\ob-preview\js\nls\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\localized_images\it-it\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\contrast-black\dashboarddefaultthumbnail.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weatherimages\210x173\8.jpg svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\car\ltr\contrast-white\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\files\dev\nls\en-gb\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\js\home-view\plugin.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\jre\lib\ext\jfxrt.jar svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\css\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenotenotebookmedtile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\place\rtl\contrast-black\medtile.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\images\email\empty.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\microsoft.system.package.metadata\resources. 20a37ca.pri svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\large\worried.png svchost.exe File opened for modification C:\program files\7-zip\lang\fy.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\plugin.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\5511_48x48x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\contrast-white\applist.targetsize-16_contrast-white.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\js\nls\nb-no\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\gameendbackground.html svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxaccountssmalltile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxa-generic-dark.scale-250.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\ads_premium.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\dailychallenges\smallspidertile.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\1850_20x20x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\gr_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\stopwatchwidetile.contrast-black_scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\voicerecorderapplist.targetsize-30.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\search-summary\js\nls\sk-sk\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.skypeapp_11.8.204.0_neutral_split.scale-125_kzf8qxf38zg5c\skypeapp\assets\skypelargetile.scale-125_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\jumbo\mask\13s.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\au_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\lu_16x11.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\combinepdf\js\nls\es-es\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorapplist.targetsize-60_altform-unplated_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorapplist.targetsize-80.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorsplashscreen.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxa-google.scale-400.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-modules-keyring-impl_zh_cn.jar svchost.exe File created C:\program files\windows photo viewer\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\place\rtl\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themepreview\backgrounds\autumn.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\exchangebadge.scale-100.png svchost.exe File created C:\program files (x86)\windows mail\en-us\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\lt-lt\tipresx.dll.mui svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\spacer\5px.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\localized_images\pt-br\appstore_icon.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\viewer\nls\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\herohelp\scenario2rtl.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\exchangemediumtile.scale-200.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-openide-windows_zh_cn.jar svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowscamera_2017.125.40.0_neutral_split.scale-200_8wekyb3d8bbwe\assets\windowsicons\windowscameralargetile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\work\rtl\widetile.scale-100.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\core\dev\nls\pl-pl\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\unified-share\images\searchemail.png svchost.exe File opened for modification C:\program files\videolan\vlc\lua\http\images\audio-48.png svchost.exe File opened for modification C:\program files\videolan\vlc\videolan website.url svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\logos\square150x150\paintmedtile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxcalendarapplist.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\voicerecorderapplist.contrast-white_targetsize-24_altform-unplated.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\download_on_the_app_store_badge_zh_tw_135x40.svg svchost.exe File opened for modification C:\program files (x86)\windowspowershell\modules\pester\3.4.0\functions\coverage.tests.ps1 svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\assets\getstartedapplist.targetsize-60_altform-unplated_contrast-black.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\css\faf-main.css svchost.exe File created C:\program files (x86)\common files\microsoft shared\vsta\appinfodocument\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.core.nl_ja_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\spacer\9px.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themecreation\lobby_deck_style_fable.png svchost.exe File created C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\lumia.viewerplugin\common\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\videolan\vlc\lua\http\css\ui-lightness\images\ui-bg_highlight-soft_100_eeeeee_1x100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\1249_40x40x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\outlookmaillargetile.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxspeechtotextoverlay_1.14.2002.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\gamesxboxhublargetile.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\add-account\images\themes\dark\illustrations_retina.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\js\nls\root\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\timerwidetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\logos\square44x44\paintapplist.targetsize-24_altform-unplated.png svchost.exe File created C:\program files\windowsapps\microsoft.net.native.runtime.1.4_1.4.24201.0_x64__8wekyb3d8bbwe\appxmetadata\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorapplist.targetsize-32_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\7656_48x48x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\contrast-white\applist.targetsize-60_contrast-white.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\back-arrow-default.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\app\dev\nls\nl-nl\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.dailychallenges\assets\tab\tabtiles.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\1849_24x24x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\4627_40x40x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxa-yahoo-dark.scale-300.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxmailapplist.targetsize-256_altform-unplated.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\pdf-ownership-rdr-en_us.gif svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\western\western_12c.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxcalendarlargetile.scale-150.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\files\dev\nls\root\ui-strings.js svchost.exe File created C:\program files\videolan\vlc\locale\ks_in\lc_messages\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxcalendarapplist.targetsize-60_altform-unplated.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.views_3.7.0.v20140408-0703.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themecreation\lobby_deck_style_autumn.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxmailapplist.targetsize-20_altform-unplated.png svchost.exe File created C:\program files\common files\microsoft shared\vsto\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\mozilla firefox\browser\crashreporter-override.ini svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\images\stickers\thumbnails\sticker_icon_triangle.png svchost.exe File opened for modification C:\program files\windowspowershell\modules\pester\3.4.0\functions\assertions\contain.tests.ps1 svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\buttons\tryagain\tryagain-up.mobile.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\images\stickers\sticker_reptileeye.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\assets\windowsicons\windowscameraapplist.targetsize-24.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxcalendarlargetile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\contrast-white\applist.targetsize-72_contrast-white.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\rarrow.gif svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\ly_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\assets\windowsicons\windowscameraapplist.targetsize-32_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\place\ltr\contrast-black\medtile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\assets\gamesxboxhubapplist.targetsize-72_contrast-high.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sample-files\js\nls\en-il\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\images\themeless\playstore\am_get.svg svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsstore_11701.1001.87.0_neutral_split.scale-125_8wekyb3d8bbwe\appxsignature.p7x svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\desktop-connector-files\js\nls\root\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sample-files\js\nls\sl-si\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowscamera_2017.125.40.0_neutral_split.scale-200_8wekyb3d8bbwe\assets\windowsicons\windowscamerasplashscreen.contrast-white_scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\jumbo\jumbo_11d.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\eml.scale-256.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\place\contrast-black\largetile.scale-100.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\ob-preview\js\nls\zh-tw\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\java\jdk1.8.0_66\lib\visualvm\profiler\modules\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-host_zh_cn.jar svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\digsig\js\nls\eu-es\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\editpdf\js\nls\tr-tr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\nc_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\assets\windowsicons\windowscameraapplist.targetsize-64_altform-unplated.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\activity-badge\js\nls\zh-tw\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\voices\en-us\en-us_female_tts\ruleset_en-us_tts.lua svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\cardsloadingsequence.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\files\dev\nls\uk-ua\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.zunemusic_10.16112.11621.0_neutral_resources.scale-125_8wekyb3d8bbwe\assets\contrast-black\widelogo.scale-125_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\genericmailsmalltile.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\progress_spinner2x.gif svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themecreation\preview.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\animations\onenotefre_clipandadd_rtl_phone.mp4 svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\1851_20x20x32.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\s_checkbox_unselected_18.svg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\car\ltr\contrast-black\medtile.scale-200.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\unified-share\js\nls\eu-es\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\lumia.viewerplugin\relivesurfaces\zoompan\zoompancontrol.xaml svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\collections\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\hi_contrast\core_icons_highcontrast.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\app\dev\nls\zh-cn\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\alarmsapplist.contrast-white_scale-125.png svchost.exe File created C:\program files\windowsapps\microsoft.xboxgameoverlay_1.15.2003.0_neutral_~_8wekyb3d8bbwe\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\uss-search\js\nls\ro-ro\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\reference assemblies\microsoft\framework\v3.5\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\car\ltr\contrast-black\smalltile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.zunemusic_10.16112.11621.0_neutral_resources.scale-125_8wekyb3d8bbwe\assets\contrast-white\iheart-radio.scale-125_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_neutral_split.scale-140_8wekyb3d8bbwe\assets\office\simplify.scale-140.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\classic\classic_11d.png svchost.exe File opened for modification C:\program files (x86)\common files\adobe\reader\dc\linguistics\providers\plugins2\adobehunspellplugin\supplementaldictionaries\en_gb\added.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.publisher_1.3.0.v20140911-0143.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\contrast-white\apppackagebadgelogo.scale-125_contrast-white.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\core\dev\nls\fr-ma\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenotemediumtile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\outlookmailbadge.scale-150.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\send-for-sign\js\nls\ar-ae\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.dailychallenges\assets\popups\upsell\calendar.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\jre\lib\javaws.jar svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.core.net.nl_zh_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\org-openide-util-enumerations.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_neutral_split.scale-100_kzf8qxf38zg5c\skypeapp\assets\skypewidetile.scale-100_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxcalendarapplist.targetsize-48.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\winstoretaskswrapper.winmd svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxa-google.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\contrast-white\applist.targetsize-60_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\attribution\weatherdotcom.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\howtoplay\dailychallenges\tile2_diamond.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\splashscreen\solitairetitle_lrg.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\aquarium\mask\mask_corners.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\tournament\showleaderboardbutton.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\images\stickers\thumbnails\sticker_icon_rounded_square.png svchost.exe File created C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\appxmetadata\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\cz_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\voicerecorderapplist.contrast-black_targetsize-80.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\assets\photosmedtile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorapplist.targetsize-48_altform-fullcolor.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_neutral_resources.scale-150_8wekyb3d8bbwe\assets\smalllogo.scale-150.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\exportpdfupsell-app\js\nls\da-dk\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\images\themeless\playstore\lt_get.svg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\assets\apptiles\storeapplist.targetsize-36_altform-unplated.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\org-netbeans-core-multiview.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\apptiles\contrast-white\weather_tilewide.scale-100.png svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themepreview\effects\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxa-google.scale-300.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-black\mapsapplist.targetsize-20_altform-unplated.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\activity-badge\js\nls\root\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\_resources\index.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\5511_40x40x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxa-googlecloudcache-light.scale-140.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\resources.pri svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxmailapplist.targetsize-48.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\desktop-connector-files\js\nls\ca-es\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\img\tools\@1x\themes\dark\[email protected] svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\jre\lib\cmm\srgb.pf svchost.exe File opened for modification C:\program files\unregisterreset.cfg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\assets\gamesxboxhubapplist.targetsize-60_contrast-high.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\s_listview-hover.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\images\file_info.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.osgi.nl_ja_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\western\western_12s.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\delete.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\img\tools\@1x\[email protected] svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\_resources\11.rsrc svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\contrast-black\applist.targetsize-24_altform-unplated_contrast-black.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\combinepdf\js\nls\hu-hu\ui-strings.js svchost.exe File created C:\program files\videolan\vlc\plugins\meta_engine\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\appxsignature.p7x svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\4632_24x24x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\calculatorsmalltile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxa-generic-light.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\offsymxl.ttf svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftofficehub_17.8010.5926.0_x64__8wekyb3d8bbwe\images\officehublogo_71x71.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_x64__8wekyb3d8bbwe\assets\contrast-black\peopleapplist.targetsize-20.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxcalendarsplashlogo.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\car\ltr\contrast-white\widetile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\place\ltr\largetile.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\pages-app\js\nls\it-it\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\contrast-black\apppackageapplist.targetsize-36_altform-unplated_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\aquarium\aquarium_1d.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\western\western_11c.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.wallet_1.0.16328.0_x64__8wekyb3d8bbwe\appxblockmap.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxcalendarwidetile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\contrast-black\applist.targetsize-40_altform-unplated_contrast-black.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-files\js\nls\root\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\videolan\vlc\locale\fr\lc_messages\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\manifestassets\contrast-black\square44x44logo.targetsize-256_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorapplist.targetsize-80_altform-unplated_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxcalendarapplist.scale-150.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\js\nls\da-dk\ui-strings.js svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\fsdefinitions\main\base.xml svchost.exe File opened for modification C:\program files\videolan\vlc\lua\meta\art\01_googleimage.luac svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\surfaceprofiles\canvas12oz_512x512_nm.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\s_folder-hover_32.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\img\tools\themes\dark\circle_2x.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.zunevideo_10.16112.11601.0_neutral_resources.scale-125_8wekyb3d8bbwe\appxmanifest.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\ht_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\timeappservice.winmd svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\10393_20x20x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\storeratingpromotion.winmd svchost.exe File opened for modification C:\program files\videolan\vlc\locale\zh_tw\lc_messages\vlc.mo svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_x64__8wekyb3d8bbwe\assets\contrast-black\oneconnectlargetile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\assets\windowsicons\windowscameraapplist.targetsize-96_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\6449_32x32x32.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\css\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\reviews\images\themes\dark\share_icons2x.png svchost.exe File created C:\program files\windowsapps\deletedalluserpackages\microsoft.zunemusic_10.16112.11621.0_neutral_resources.scale-200_8wekyb3d8bbwe\assets\contrast-black\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\appxmanifest.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\insiderhubsplashwidetile.scale-100.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\acroapp\enu\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\place\ltr\contrast-black\widetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\embossbitmaps\heart_icon.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\awards\pyramid\theres_a_timed-mode_unearned_small.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\home\js\nls\it-it\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.equinox.p2.rcp.feature_1.2.0.v20140523-0116\feature.properties svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\appxsignature.p7x svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\embossbitmaps\sun.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-recent-files\js\nls\pt-br\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sample-files\js\nls\ko-kr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenotenavigationlogo.scale-140.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftofficehub_17.8010.5926.0_x64__8wekyb3d8bbwe\xmloffkeys\keys_offver14.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\runninglate.scale-80.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\activity-badge\js\nls\zh-tw\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\editpdf\js\nls\pl-pl\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.addons.swt.nl_zh_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\manifestassets\contrast-white\square44x44logo.targetsize-48.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenotepagelargetile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\genericmailmediumtile.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\plug_ins\multimedia\mpp\flash.mpp svchost.exe File opened for modification C:\program files\windows media player\network sharing\wmpnss_color120.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weathericons\30x30\66.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\awards\tripeaks\expedition_leader_.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\agmgpuoptin.ini svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.flightrecorder.ui.ja_5.5.0.165303.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\dailychallenges\largetripeakstile.jpg svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\ob-preview\js\nls\de-de\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\1113_20x20x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-black\mapsapplist.targetsize-32_altform-unplated.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\s_empty_state.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\createpdfupsell-app\js\nls\en-ae\ui-strings.js svchost.exe File created C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.emf.ecore_2.10.1.v20140901-1043\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\models\es-es.phonenumber.ot svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\awards\challenge\go_for_the_bronze_unearned_small.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-white\mapsapplist.targetsize-32.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\aicuc\images\themes\dark\rhp_world_icon_2x.png svchost.exe File opened for modification C:\program files\7-zip\lang\ca.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenotepagewidetile.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\contrast-black\applist.targetsize-20_altform-unplated_contrast-black.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\digsig\js\nls\es-es\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\microsoftaccount.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_x64__8wekyb3d8bbwe\assets\contrast-black\peopleapplist.targetsize-64.png svchost.exe File created C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\jre\lib\ext\sunjce_provider.jar svchost.exe File created C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_zh_4.4.0.v20140623020002\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.jface.databinding_1.6.200.v20140528-1422.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weathericons\30x30\181.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_x64__8wekyb3d8bbwe\assets\oneconnectapplist.targetsize-20.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxaccountslargetile.scale-100.png svchost.exe File opened for modification C:\program files\mozilla firefox\browser\features\[email protected] svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\autumn\mask\13s.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\logos\square44x44\paintapplist.targetsize-48_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\large\clapping.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_2015.7906.42257.0_neutral_~_8wekyb3d8bbwe\appxsignature.p7x svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\app-center\js\nls\sv-se\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\images\themes\dark\core_icons_retina.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\js\nls\root\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\pm_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\contrast-white\applist.targetsize-64_altform-unplated_contrast-white.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\exportpdfupsell-app\js\nls\hr-hr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer\images\new_icons_retina.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.skypeapp_11.8.204.0_neutral_split.scale-125_kzf8qxf38zg5c\appxblockmap.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\awards\challenge\become_a_superstar_unearned_small.png svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\buttons\deal\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\pe_16x11.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-netbeans-modules-keyring-impl.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_neutral_split.scale-200_8wekyb3d8bbwe\assets\getstartedlargetile.scale-200_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftofficehub_17.8010.5926.0_x64__8wekyb3d8bbwe\filesystemmetadata.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\_resources\1.rsrc svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_ja_4.4.0.v20140623020002\epl-v10.html svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.components.ui.ja_5.5.0.165303.jar svchost.exe File opened for modification C:\program files\windows defender\en-us\protectionmanagement_uninstall.mfl svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\alarmssmalltile.contrast-black_scale-125.png svchost.exe File created C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\collections\contrast-black\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\dailychallenges\tile\sticker.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\animations\onenotefre_createnotes_ltr_phone.mp4 svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenotewidetile.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\s_sendforcomments_18.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\resource\font\myriadpro-it.otf svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\about.html svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\profiler\modules\locale\org-netbeans-lib-profiler-charts_zh_cn.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenotesectiongroupwidetile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\alarmsapplist.targetsize-16_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\10146_24x24x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\4774_20x20x32.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\app-center\js\nls\ko-kr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.ui.ja_5.5.0.165303.jar svchost.exe File created C:\program files\videolan\vlc\plugins\audio_mixer\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.zunemusic_10.16112.11621.0_neutral_resources.scale-200_8wekyb3d8bbwe\assets\contrast-white\widelogo.scale-200_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\western\mask\12h.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenotemediumtile.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\2_20x20x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\outlookmaillargetile.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\tracker\reviews_sent.gif svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\org-netbeans-core.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\audio\coinprogress_a.wav svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\jumbo\jumbo_11c.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\5664_32x32x32.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\s_forward_18.svg svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\app\dev\nls\pt-br\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\ccloud.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\combinepdf\js\nls\nl-nl\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\jre\lib\security\java.policy svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.sat4j.pb_2.3.5.v201404071733.jar svchost.exe File created C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\apptiles\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\howtoplay\tripeaks\goal_5.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\beach\mask\11h.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\assets\gamesxboxhubapplist.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\signatures\images\themes\dark\illustrations.png svchost.exe File opened for modification C:\program files\mozilla firefox\fonts\twemojimozilla.ttf svchost.exe File opened for modification C:\program files\videolan\vlc\lua\http\requests\browse.json svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weathericons\30x30\166.png svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\autumn\mask\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxa-yahoo-light.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\home\ltr\contrast-black\largetile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-white\storeapplist.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sign-services-auth\js\nls\ru-ru\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.equinox.p2.rcp.feature_1.2.0.v20140523-0116\epl-v10.html svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\popup\pop_up_ok.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenotenotebooksmalltile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorapplist.targetsize-32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\car\ltr\contrast-white\medtile.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\images\themeless\appstore\download_on_the_app_store_badge_ko_135x40.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\js\nls\cs-cz\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\db\bin\sysinfo svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.xboxapp_25.25.13009.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\gamesxboxhubapplist.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\ir_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\voicerecordermedtile.contrast-black_scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\resources\fonts\segmvr2.ttf svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\js\nls\zh-cn\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\viewer\nls\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxspeechtotextoverlay_1.14.2002.0_x64__8wekyb3d8bbwe\speechtotextoverlay.winmd svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themecreation\effects\effects_lobby_dust.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\autumn\autumn_13c.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\js\nls\cs-cz\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-files\js\nls\de-de\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\p2\org.eclipse.equinox.p2.engine\profileregistry\jmc.profile\1423496926556.profile.gz svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-core-multiview_ja.jar svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\aicuc\js\nls\es-es\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\send-for-sign\js\nls\da-dk\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\car\ltr\contrast-black\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\7989_20x20x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\7357_36x36x32.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\plug_ins\search.api svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\ipschs.xml svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\com.jrockit.mc.rjmx.metadataprovider.exsd svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\voicerecorderapplist.contrast-black_targetsize-24_altform-unplated.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\generic-rhp-app\js\plugin.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\send-for-sign\js\nls\hu-hu\ui-strings.js svchost.exe File created C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\resources\fonts\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\contrast-white\applist.targetsize-20_altform-unplated_contrast-white.png svchost.exe File opened for modification C:\program files (x86)\google\chrome\application\81.0.4044.129\locales\ar.pak svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\jre\lib\management\jmxremote.password.template svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-openide-util-enumerations.xml svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\gameplayassets\localization\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\home\ltr\medtile.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\searchemail2x.png svchost.exe File opened for modification C:\program files (x86)\common files\services\verisign.bmp svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\howtoplay\klondike\tips_4.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\microsoft.entertainment.winmd svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxspeechtotextoverlay_1.14.2002.0_x64__8wekyb3d8bbwe\assets\gamesxboxhubstorelogo.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\microsoft.system.package.metadata\resources. 6be96e9.pri svchost.exe File created C:\program files\common files\microsoft shared\ink\fsdefinitions\symbols\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\java\jre1.8.0_66\lib\management\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weatherimages\423x173\39.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\large\yes.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorapplist.targetsize-80_altform-unplated_contrast-black.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-files\images\themes\dark\new_icons.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\assets\photosapplist.scale-200.png svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\livetiles\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\localized_images\en-us\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\et-ee\tipresx.dll.mui svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\1249_32x32x32.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\javascripts\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\combinepdf\js\nls\fr-fr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-recent-files\js\nls\en-gb\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\applist.targetsize-30_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.xboxapp_25.25.13009.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\gamesxboxhubmedtile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\large\beer.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer\js\nls\sk-sk\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\viewer\nls\sv-se\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\4613_40x40x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weathericons\30x30\201.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\5034_24x24x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\lumia.videotk\createmaskps_bgra.cso svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxa-outlook.scale-200.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-openide-actions_zh_cn.jar svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-netbeans-modules-print.xml svchost.exe File opened for modification C:\program files\videolan\vlc\readme.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\audio\ribbonhit_a.wav svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\assets\photoslogoextensions.targetsize-32.png svchost.exe File created C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\appxmetadata\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\5372_24x24x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\apptiles\mapsmedtile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\work\ltr\contrast-white\smalltile.scale-125.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\combinepdf\js\nls\zh-tw\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\pages-app\images\themes\dark\example_icons2x.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\gameplayassets\localization\localized_de-de.respack svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\digsig\js\nls\en-ae\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\js\nls\it-it\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_x64__8wekyb3d8bbwe\microsoft.people.autosuggest.winmd svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\work\ltr\contrast-black\largetile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\contrast-black\applist.targetsize-60_altform-unplated_contrast-black.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\plug_ins3d\drvsoft.x3d svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\walk-through\js\nls\it-it\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\eml.scale-32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\assets\getstartedsplash.scale-100_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\assets\audio\skype_call_resume.m4a svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.renderers.swt.nl_zh_4.4.0.v20140623020002.jar svchost.exe File created C:\program files\java\jdk1.8.0_66\lib\visualvm\profiler\lib\deployed\jdk16\windows-amd64\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\assets\insiderhubapplist.targetsize-48_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_neutral_resources.scale-150_8wekyb3d8bbwe\assets\contrast-white\smalllogo.scale-150_contrast-white.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\ob-preview\js\nls\sk-sk\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\uss-search\js\nls\en-gb\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\videolan\vlc\locale\az\lc_messages\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weathericons\30x30\203.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sample-files\js\nls\sl-si\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\images\themes\dark\download-btn.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_neutral_split.scale-180_8wekyb3d8bbwe\assets\office\newscene.scale-180.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\photoswidetile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\1113_20x20x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxa-yahoo-dark.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\assets\fonts\fhubmdl2.ttf svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxgameoverlay_1.15.2003.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\gamesxboxhublargetile.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\createpdfupsell-app\js\nls\sk-sk\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\reviews\js\nls\sl-si\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowspowershell\modules\pester\3.4.0\functions\pesterstate.ps1 svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\img\tools\@1x\themes\dark\[email protected] svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.dailychallenges\assets\popups\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\western\mask\11h.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftstickynotes_1.4.101.0_x64__8wekyb3d8bbwe\resources.pri svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\buildinfo.xml svchost.exe File opened for modification C:\program files\windowspowershell\modules\pester\3.4.0\functions\globalmock-b.tests.ps1 svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\car\rtl\medtile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxa-exchange.scale-300.png svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\ar-sa\tipresx.dll.mui svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\toc.gif svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\mainpagestate2\see_all_bp_920.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxcalendarlogoextensions.scale-32.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\feature.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weathericons\30x30\196.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weatherimages\210x173\6.jpg svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.nl_ja_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\office\ungroup.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\contrast-white\apppackageapplist.targetsize-72_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\awards\spider\web_surfing_unearned_small.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.rcp_4.4.0.v20141007-2301\feature.properties svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_x64__8wekyb3d8bbwe\assets\contrast-black\peopleapplist.targetsize-80.png svchost.exe File created C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\bing.immersive\shaders\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\snooze.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxcalendarwidetile.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\js\nls\cs-cz\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\4613_24x24x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-black\storeapplist.targetsize-32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\applist.targetsize-40_altform-unplated.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\rhp_icons.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\content\desktop\en-gb\doc_offline_accessibility.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\4774_48x48x32.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\pages-app\js\nls\nl-nl\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_x64__8wekyb3d8bbwe\assets\contrast-white\oneconnectapplist.targetsize-20.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\js\nls\zh-tw\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\configuration\org.eclipse.update\platform.xml svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.e4.ui.css.swt_0.11.101.v20140818-1343.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_neutral_split.scale-200_8wekyb3d8bbwe\assets\getstartedsplash.scale-200_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_neutral_~_8wekyb3d8bbwe\appxsignature.p7x svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenotesplashlogo.scale-300.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\cy_16x11.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\feature.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_x64__8wekyb3d8bbwe\assets\starttile.wink.small.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_x64__8wekyb3d8bbwe\assets\contrast-black\oneconnectapplist.targetsize-96.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\files\dev\nls\fr-fr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\worldclockwidetile.contrast-black_scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowscamera_2017.125.40.0_neutral_split.scale-200_8wekyb3d8bbwe\assets\windowsicons\windowscamerawidetile.contrast-white_scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\contrast-white\apppackageapplist.targetsize-60_altform-unplated_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\howtoplay\klondike\tips_1.jpg svchost.exe File created C:\program files\windowsapps\microsoft.storepurchaseapp_1.0.45.0_x64__8wekyb3d8bbwe\assets\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.vclibs.140.00_14.0.24123.0_x64__8wekyb3d8bbwe\appxblockmap.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.wallet_1.0.16328.0_x64__8wekyb3d8bbwe\appxmetadata\codeintegrity.cat svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\assets\photosapplist.contrast-white_scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\assets\insiderhubapplist.targetsize-80_contrast-black.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\help.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\scan_visual.svg svchost.exe File created C:\program files\common files\microsoft shared\ink\fsdefinitions\insert\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\apppackageapplist.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\howtoplay\spider\goal_2.jpg svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\uss-search\js\nls\uk-ua\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\gameplayassets\localization\localized_fr-fr.respack svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\assets\windowsicons\windowscameraapplist.targetsize-20_altform-unplated_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxcalendarapplist.targetsize-36.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\1937_24x24x32.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\exportpdfupsell-app\js\nls\de-de\ui-strings.js svchost.exe File created C:\program files (x86)\common files\adobe\reader\dc\linguistics\providers\plugins2\adobehunspellplugin\dictionaries\en_us\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\db\lib\derbylocale_cs.jar svchost.exe File opened for modification C:\program files\videolan\vlc\locale\sl\lc_messages\vlc.mo svchost.exe File opened for modification C:\program files\windows defender\ammonitoringinstall.mof svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themecreation\lobby_deck_style_mobile.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxcalendarapplist.scale-125.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\images\themeless\appstore\download_on_the_app_store_badge_ja_135x40.svg svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\worldclocksmalltile.contrast-white_scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\7734_36x36x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\ws_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxmailsplashlogo.scale-250.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\aicuc\js\plugins\exportpdf-selector.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\editpdf\js\nls\tr-tr\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\exportpdfupsell-app\js\nls\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sample-files\js\nls\da-dk\ui-strings.js svchost.exe File opened for modification C:\program files\videolan\vlc\lua\http\css\ui-lightness\jquery-ui-1.8.13.custom.css svchost.exe File created C:\program files\windowsapps\microsoft.advertising.xaml_10.0.1605.0_x86__8wekyb3d8bbwe\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\car\ltr\contrast-black\smalltile.scale-100.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\file_types\hi_contrast\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\collections\largetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\images\stickers\thumbnails\sticker_icon_square.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\contrast-white\applist.targetsize-72_altform-unplated_contrast-white.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\css\main-cef-ui-theme.css svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\ipshi.xml svchost.exe File opened for modification C:\program files\videolan\vlc\lua\http\requests\status.json svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\outlookmailwidetile.scale-400.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\iw_get.svg svchost.exe File opened for modification C:\program files\common files\system\ole db\oledbjvs.inc svchost.exe File opened for modification C:\program files\windows media player\network sharing\wmpnss_color48.bmp svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.starclub\assets\sounds\collectedstars.wav svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\alarmsapplist.contrast-black_targetsize-32_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\assets\windowsicons\windowscameraapplist.contrast-white_targetsize-16.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\exchangelargetile.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxa-generic-light.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\apptiles\mapsapplist.targetsize-16.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\activity-badge\js\nls\uk-ua\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\send-for-sign\js\nls\ko-kr\ui-strings.js svchost.exe File opened for modification C:\program files\internet explorer\signup\install.ins svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\jre\lib\net.properties svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\gameplayassets\localization\localized_hu-hu.respack svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenoteapplist.targetsize-54_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\contrast-white\oneconnectsmalltile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\tz_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorapplist.targetsize-32_altform-colorize.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\assets\insiderhubapplist.targetsize-256_altform-unplated_contrast-white.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\img\tools\@1x\themes\dark\[email protected] svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxcalendarapplist.targetsize-24_altform-unplated.png svchost.exe File opened for modification C:\program files\windowspowershell\modules\pester\3.4.0\functions\assertions\benullorempty.tests.ps1 svchost.exe File opened for modification C:\program files (x86)\common files\adobe\reader\dc\linguistics\providers\plugins2\adobehunspellplugin\dictionaries\en_gb\changelog.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_neutral_split.scale-140_8wekyb3d8bbwe\appxblockmap.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.net.native.runtime.1.4_1.4.24201.0_x86__8wekyb3d8bbwe\appxmanifest.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\ci_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\contrast-black\applist.targetsize-72_altform-unplated_contrast-black.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\app\dev\nls\fr-ma\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\aicuc\js\nls\da-dk\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.xboxapp_25.25.13009.0_neutral_split.scale-200_8wekyb3d8bbwe\assets\gamesxboxhubmedtile.scale-200_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\sharpdxengine\rendering\shaders\builtin\bin\textured_vs.fxo svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\ls_60x42.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\reviews\js\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_neutral_split.scale-140_8wekyb3d8bbwe\assets\office\move.scale-140.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\contrast-white\apppackagemedtile.scale-125_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\assets\ensoui\dashboard_slomo_off.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\statistics\mergedefinitionsw81withoem.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\ad_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\8201_24x24x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxa-outlook.scale-150.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-files\js\nls\fr-ma\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\videolan\vlc\plugins\codec\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\videolan\vlc\plugins\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_neutral_~_8wekyb3d8bbwe\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\car\rtl\contrast-black\largetile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\fonts\painta.ttf svchost.exe File opened for modification C:\program files\7-zip\7z.sfx svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weatherimages\423x173\27.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.starclub\assets\animation\crown_2.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenotepagesmalltile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenotesectiongroupmedtile.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\ie_60x42.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\digsig\js\nls\tr-tr\ui-strings.js svchost.exe File opened for modification C:\program files\common files\system\ado\msado28.tlb svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\animations\onenotefre_welcome.mp4 svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\small\angry.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\voicerecorderapplist.contrast-white_targetsize-64_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\office\projectionspheric.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\goldbar.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenotepagewidetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxmailapplist.targetsize-48_altform-unplated.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\send-for-sign\js\nls\en-gb\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\org-netbeans-modules-autoupdate-cli.jar svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-sa.xml svchost.exe File opened for modification C:\program files (x86)\common files\adobe\helpcfg\en_us\reader_dc.helpcfg svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.core.databinding.beans.nl_ja_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\java\jre1.8.0_66\lib\currency.data svchost.exe File opened for modification C:\program files\videolan\vlc\lua\http\favicon.ico svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\3899_40x40x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\microsoft.system.package.metadata\resources.af684437.pri svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\send-for-sign\js\nls\root\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\org-netbeans-swing-plaf.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-black\storeapplist.targetsize-72.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\createpdfupsell-app\js\nls\ro-ro\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\exportpdfupsell-app\js\nls\ro-ro\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\unified-share\js\nls\hu-hu\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\apppackagesmalltile.scale-200.png svchost.exe File created C:\program files\windowspowershell\modules\microsoft.powershell.operation.validation\1.0.1\test\modules\example3.diagnostics\1.1.1\diagnostics\simple\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\contrast-black\apppackageapplist.targetsize-30_altform-unplated_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.1.25002.0_neutral_~_8wekyb3d8bbwe\appxblockmap.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\sx_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxa-googlecloudcache-light.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\linkedinboxwidetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_2019.16112.11601.0_neutral_~_8wekyb3d8bbwe\appxblockmap.xml svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer\js\nls\zh-tw\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\uss-search\js\nls\hu-hu\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\mainpage\silvericon.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxcalendarapplist.targetsize-30.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\voicerecorderapplist.targetsize-80.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\idtemplates\enu\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-recent-files\js\nls\it-it\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\reviews\css\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\microsoft.skype.imagetool.winmd svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\com.jrockit.mc.rcp.product_5.5.0.165303\feature.properties svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.frameworkadmin.equinox.nl_ja_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenotesectiongroupwidetile.scale-200.png svchost.exe File created C:\program files\windowsapps\microsoft.xboxspeechtotextoverlay_1.14.2002.0_x64__8wekyb3d8bbwe\microsoft.system.package.metadata\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sample-files\assets\sample files\adobe cloud services.pdf svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler_ja.jar svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.xboxapp_25.25.13009.0_neutral_split.scale-125_8wekyb3d8bbwe\appxsignature.p7x svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_x64__8wekyb3d8bbwe\assets\starttile.sad.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\linkedinboxmediumtile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\apptiles\contrast-black\mapsbadgelogo.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\work\ltr\contrast-white\widetile.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\win-scrollbar\themes\dark\vscroll-thumb.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\exportpdfupsell-app\js\nls\ca-es\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\microsoft.net\redistlist\assemblylist_4_client.xml svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\jre\lib\fontconfig.properties.src svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\8201_40x40x32.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\combinepdf\images\themes\dark\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\jumbo\mask\13c.png svchost.exe File created C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\small\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\2875_20x20x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\work\ltr\widetile.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\js\nls\pt-br\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\ne_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\stopwatchwidetile.contrast-white_scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\6701_48x48x32.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\file_types\themes\dark\s_shared_multi_filetype.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\home\js\nls\pt-br\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\pages-app\js\plugins\rhp\pages-app-tool-view.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\files\dev\nls\ca-es\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\search-summary\js\nls\en-il\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.apache.httpcomponents.httpcore_4.2.5.v201311072007.jar svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\alarmswidetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenoteapplist.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\my_60x42.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer\images\themes\dark\icons_ie8.gif svchost.exe File opened for modification C:\program files\java\jre1.8.0_66\lib\logging.properties svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.xboxapp_25.25.13009.0_neutral_split.scale-200_8wekyb3d8bbwe\assets\gamesxboxhubstorelogo.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\howtoplay\starclub\help_2_2.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\oneconnectstorelogo.scale-125.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\app\dev\nls\tr-tr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-swing-plaf_ja.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\assets\insiderhubmedtile.scale-200_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenotemediumtile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenotepagesmalltile.scale-125.png svchost.exe File opened for modification C:\program files (x86)\google\chrome\application\81.0.4044.129\visualelements\logocanary.png svchost.exe File opened for modification C:\program files\windowspowershell\modules\pester\3.4.0\functions\globalmock-a.tests.ps1 svchost.exe File opened for modification C:\program files (x86)\google\chrome\application\81.0.4044.129\locales\fil.pak svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weathericons\30x30\178.png svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\western\western_11d.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\voicerecordersplashscreen.contrast-black_scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\fileextension.targetsize-20.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-netbeans-modules-progress-ui.xml svchost.exe File opened for modification C:\program files\windows media player\media renderer\dmr_120.jpg svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\work\ltr\contrast-white\largetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.zunemusic_10.16112.11621.0_neutral_resources.scale-200_8wekyb3d8bbwe\assets\logo.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\mainpage\mainpage_badge_blue_base.png svchost.exe File created C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorapplist.targetsize-20_altform-fullcolor.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\pages-app\images\rhp_world_icon_hover.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\images\adc_logo.png svchost.exe File opened for modification C:\program files\7-zip\lang\sv.txt svchost.exe File opened for modification C:\program files\videolan\vlc\copying.txt svchost.exe File created C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\manifestassets\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\lumia.videotk\blendwithmaskps_bgra.cso svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxcalendarmediumtile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\apptiles\storemedtile.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\send-for-sign\js\nls\en-ae\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\signatures\js\nls\zh-cn\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-swing-tabcontrol_zh_cn.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\starclub\challenge_tripeaks.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\place\smalltile.scale-100.png svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\car\rtl\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\digsig\images\themes\dark\s_checkbox_unselected_18.svg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\images\stickers\sticker_hedge.dxt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\1937_40x40x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_x64__8wekyb3d8bbwe\assets\contrast-black\peoplesmalltile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\car\ltr\widetile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\assets\gamesxboxhubapplist.targetsize-32_altform-unplated_contrast-white.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\exportpdfupsell-app\images\themes\dark\rhp_world_icon_2x.png svchost.exe File created C:\program files (x86)\common files\microsoft shared\vsta\pipeline.v10.0\hostsideadapters\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\exchangemediumtile.scale-125.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\adobe.reader.dependencies.manifest svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\editpdf\js\nls\cs-cz\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\outlookmailwidetile.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\progress_spinner_dark2x.gif svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\search-summary\js\nls\da-dk\ui-strings.js svchost.exe File created C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\appxmetadata\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\contrast-white\apppackageapplist.targetsize-72_altform-unplated_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\appxsignature.p7x svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\car\ltr\smalltile.scale-100.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-modules-sampler_ja.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorapplist.targetsize-72_altform-colorize.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\activity-badge\js\nls\pt-br\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\lib\imap.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxmailmediumtile.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxmailwidetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\appxblockmap.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.dailychallenges\assets\calendar\checkmark.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftstickynotes_1.4.101.0_x64__8wekyb3d8bbwe\assets\lockscreenlogo.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\outlookmailmediumtile.scale-100.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-recent-files\js\nls\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\common files\microsoft shared\ink\sk-sk\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\place\ltr\largetile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_neutral_split.scale-150_8wekyb3d8bbwe\assets\starttile.dualsim2.surprise.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\images\stickers\thumbnails\sticker_icon_cross.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsfeedbackhub_1.1612.10312.0_neutral_split.scale-125_8wekyb3d8bbwe\resources.pri svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\embossbitmaps\triangle.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\microsoft.msn.weather.tile.winmd svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\win-scrollbar\arrow-right.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\triggerevaluators.exsd svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\icons\icon_hint.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.wallet_1.0.16328.0_x64__8wekyb3d8bbwe\images\walletsplashscreen.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\productrecognitionsijb27pts.mdl svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\jre\bin\server\classes.jsa svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\manifestassets\contrast-black\square310x150logo.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_x64__8wekyb3d8bbwe\assets\sounds\link_contact.wav svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\car\rtl\contrast-black\widetile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\assets\gamesxboxhubapplist.targetsize-96_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\assets\photoswidetile.contrast-white_scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\digsig\js\nls\root\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\generic.xbf svchost.exe File opened for modification C:\program files (x86)\google\chrome\application\81.0.4044.129\locales\sl.pak svchost.exe File opened for modification C:\program files (x86)\windows mail\en-us\msoeres.dll.mui svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\awards\challenge\strive_for_perfection_unearned_small.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\11891_40x40x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\contrast-white\applist.scale-100_contrast-white.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\files\dev\nls\uk-ua\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\editpdf\js\nls\zh-cn\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\js\nls\ko-kr\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\js\nls\pl-pl\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\videolan\vlc\skins\fonts\freesans.ttf svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\coreengine\data\brushprofile\brushbump64.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\8196_40x40x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\oneconnectwidetile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxa-generic-dark.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxcalendarapplist.targetsize-256_altform-unplated.png svchost.exe File created C:\program files\windowsapps\microsoft.xboxidentityprovider_11.19.19003.0_x64__8wekyb3d8bbwe\assets\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\editpdf\images\themes\dark\rhp_world_icon_2x.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\js\nls\uk-ua\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\appxmetadata\codeintegrity.cat svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\calculatorlargetile.contrast-black_scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\close_x.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\exportpdfupsell-app\js\nls\nl-nl\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\js\nls\es-es\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\send-for-sign\js\nls\cs-cz\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weathericons\30x30\158.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\acrocef\license.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\desktop-connector-files\js\nls\pt-br\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\linkedinboxmediumtile.scale-100.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\js\nls\ko-kr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\resource\typesupport\unicode\mappings\win\cp1251.txt svchost.exe File opened for modification C:\program files (x86)\common files\microsoft shared\vsto\vstoee90.tlb svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\partychat.winmd svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\fsdefinitions\insert.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxmailapplist.targetsize-36.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\exportpdfupsell-app\js\nls\nl-nl\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxmailsplashlogo.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\txp_hotelreservation_dark.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\place\contrast-white\smalltile.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\digsig\js\nls\cs-cz\ui-strings.js svchost.exe File created C:\program files (x86)\google\chrome\application\81.0.4044.129\meipreload\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weathericons\30x30\172.png svchost.exe File created C:\program files\windowsapps\microsoft.microsoftstickynotes_1.4.101.0_x64__8wekyb3d8bbwe\assets\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\worldclockwidetile.contrast-black_scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\linkedinboxsmalltile.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\signatures\js\nls\en-il\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\work\ltr\contrast-black\widetile.scale-200.png svchost.exe File opened for modification C:\program files (x86)\reference assemblies\microsoft\framework\v3.5\redistlist\frameworklist.xml svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-modules-javahelp_ja.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_2015.7668.58071.0_neutral_~_8wekyb3d8bbwe\appxblockmap.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\genericmailsmalltile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\place\ltr\widetile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxaccountssplashlogo.scale-180.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.extensionlocation_1.2.100.v20131119-0908.jar svchost.exe File opened for modification C:\program files\videolan\vlc\locale\pt_pt\lc_messages\vlc.mo svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\winstore\resources\assets\rt_icons_popcorn_42.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ecf.provider.filetransfer.httpclient4_1.0.800.v20140827-1444.jar svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\progress_spinner2x.gif svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\add-account\js\nls\ca-es\ui-strings.js svchost.exe File created C:\program files\windowsapps\deletedalluserpackages\microsoft.windowssoundrecorder_10.1702.301.0_neutral_split.scale-200_8wekyb3d8bbwe\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\osf\refresh_16x16x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\2494_20x20x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\assets\insiderhubapplist.targetsize-96.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\s_gridview-hover.svg svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\search-summary\js\nls\zh-cn\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windows media player\network sharing\contentdirectory.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.starclub\assets\lock.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\kg_60x42.png svchost.exe File created C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\content\mobile\en-gb\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_x64__8wekyb3d8bbwe\tee\es-es.phonenumber.sms.ot svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themepreview\effects\outer glow.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\mq_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\assets\windowsicons\windowscameraapplist.contrast-white_targetsize-24.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\car\rtl\contrast-white\widetile.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\s_ellipses.svg svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\place\rtl\contrast-black\widetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\apppackagewidetile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\apptiles\contrast-white\mapslargetile.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\combinepdf\js\nls\sv-se\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\org-netbeans-spi-quicksearch.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftofficehub_17.8010.5926.0_x64__8wekyb3d8bbwe\loc\appxmanifestloc.16.en-us.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\images\printandshare\glyph_0xe7d9.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\uss-search\js\nls\zh-tw\ui-strings.js svchost.exe File opened for modification C:\program files\windowspowershell\modules\pester\3.4.0\functions\testresults.tests.ps1 svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\activity-badge\js\nls\hr-hr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowscalculator_10.1702.312.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\calculatorwidetile.contrast-black_scale-125.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer-select\js\nls\eu-es\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\assets\gamesxboxhubapplist.targetsize-40_altform-unplated.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\s_nextarrow_default.svg svchost.exe File created C:\program files (x86)\reference assemblies\microsoft\framework\v3.5\redistlist\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\windowspowershell\modules\pester\3.4.0\chocolateyinstall.ps1 svchost.exe File created C:\program files\videolan\vlc\locale\wa\lc_messages\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\work\contrast-white\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.zunevideo_10.16112.11601.0_neutral_resources.scale-125_8wekyb3d8bbwe\assets\splashscreen.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\bi_16x11.png svchost.exe File created C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\assets\ensoui\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_neutral_split.scale-180_8wekyb3d8bbwe\assets\office\embosscontour.scale-180.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.zunevideo_10.16112.11601.0_neutral_resources.scale-125_8wekyb3d8bbwe\assets\contrast-black\logo.scale-125_contrast-black.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\send-for-sign\images\themes\dark\s_agreement_filetype.svg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\dailychallenges\largepyramidtile.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenotenotebooksmalltile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\home\ltr\contrast-black\widetile.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\home\js\nls\fi-fi\ui-strings.js svchost.exe File created C:\program files (x86)\common files\microsoft shared\dao\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\office\stickyselection.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_x64__8wekyb3d8bbwe\assets\contrast-white\oneconnectapplist.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\5606_32x32x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\assets\lightgray.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\images\themeless\playstore\nl_get.svg svchost.exe File created C:\program files (x86)\windows media player\en-us\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\contrast-white\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_x64__8wekyb3d8bbwe\assets\starttile.wink.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\appxblockmap.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\alarmsapplist.contrast-black_targetsize-24.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\plug_ins\acroform\pmp\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\core\dev\nls\ja-jp\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\gs_16x11.png svchost.exe File created C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\assets\ensoui\dashboard_slomo_on.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\linkedinboxbadge.scale-200.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\digsig\js\nls\sv-se\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\combinepdf\js\nls\tr-tr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-attach_zh_cn.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_x64__8wekyb3d8bbwe\tee\email.ot svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\place\rtl\contrast-white\medtile.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\comment.svg svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\uss-search\js\nls\pt-br\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\work\contrast-black\medtile.scale-125.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\plug_ins\spelling.api svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\win8-scrollbar\arrow-left-pressed.gif svchost.exe File opened for modification C:\program files\videolan\vlc\locale\de\lc_messages\vlc.mo svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxa-exchange.scale-150.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\files\dev\nls\nl-nl\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\js\nls\cs-cz\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenotepagelargetile.scale-400.png svchost.exe File created C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_neutral_split.scale-100_8wekyb3d8bbwe\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-black\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowspowershell\modules\pester\3.4.0\en-us\about_testdrive.help.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\home\images\themes\dark\files_icons2x.png svchost.exe File opened for modification C:\program files (x86)\google\chrome\application\81.0.4044.129\widevinecdm\_platform_specific\win_x64\widevinecdm.dll.sig svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenotenotebooklargetile.scale-150.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\createpdfupsell-app\images\themes\dark\example_icons2x.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sample-files\js\nls\sk-sk\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.touchpoint.eclipse.nl_zh_4.4.0.v20140623020002.jar svchost.exe File created C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\7260_32x32x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\lc_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxmailapplist.scale-125.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\aicuc\js\nls\fi-fi\ui-strings.js svchost.exe File opened for modification C:\program files\common files\microsoft shared\stationery\shades of blue.htm svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenotesectionlargetile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\assets\images\win_logo_white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorapplist.targetsize-80_altform-colorize.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxa-yahoo-light.scale-250.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\activity-badge\js\nls\da-dk\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\unified-share\images\themes\dark\confirmation2x.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\af_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\assets\sounds\camcorder_stop_5.wav svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\contrast-black\applist.targetsize-32_altform-unplated_contrast-black.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\search-summary\js\nls\cs-cz\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\assets\getstartedapplist.targetsize-16_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_neutral_resources.scale-150_8wekyb3d8bbwe\assets\widelogo.scale-150.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\file_types\themes\dark\s_shared_single_filetype.svg svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowscamera_2017.125.40.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\windowsicons\windowscamerawidetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-black\weather_tilesmallsquare.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\sharpdxengine\rendering\shaders\builtin\bin\colored_vs.fxo svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxmailmediumtile.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\insiderhubstorelogo.scale-100.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\app-center\js\nls\fr-ma\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\feature.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\contrast-black\apppackagesplashscreen.scale-200_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\awards\common\good_to_be_king_.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\images\printandshare\glyph_0xe7db.png svchost.exe File opened for modification C:\program files (x86)\google\chrome\application\81.0.4044.129\locales\pl.pak svchost.exe File created C:\program files (x86)\windowspowershell\modules\microsoft.powershell.operation.validation\1.0.1\test\modules\example2.diagnostics\1.0.1\diagnostics\simple\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\catalog\shape_sphere.3mf svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\awards\spider\entangled_.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\gameplayassets\tripeaks\respacks\tripeaksgameplay.respack svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenotenotebooklargetile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxa-generic-dark.scale-400.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\activity-badge\js\nls\he-il\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\en-gb\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\genericmaillargetile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\_resources\12.rsrc svchost.exe File created C:\program files\java\jdk1.8.0_66\lib\missioncontrol\p2\org.eclipse.equinox.p2.engine\profileregistry\jmc.profile\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\createpdfupsell-app\js\nls\en-il\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\reviews\images\s_listview_18.svg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\xboxflow\background.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_x64__8wekyb3d8bbwe\assets\contrast-white\oneconnectapplist.targetsize-36.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\6924_24x24x32.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\app-center\js\nls\en-il\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.emf.ecore_2.10.1.v20140901-1043\feature.properties svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\en-us\mso.acl svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\favicon.ico svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\profiler\modules\org-netbeans-lib-profiler.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\awards\challenge\go_for_the_bronze_.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.update.configurator.nl_zh_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\applist.targetsize-60.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenotesectionmedtile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\starttile.hcp svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\gameplayassets\localization\localized_ro-ro.respack svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\7656_48x48x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenotesectiongroupwidetile.scale-200.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\digsig\js\nls\de-de\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\mainpagestate2\awards_bp_920.jpg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\welcome.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\collections\largetile.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\aicuc\js\nls\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorapplist.targetsize-40_altform-colorize.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\addressbook.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\misc\load-typekit.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\home\css\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\reviews\js\nls\hr-hr\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\search-summary\js\nls\it-it\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-openide-util.xml svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.zunevideo_10.16112.11601.0_neutral_resources.scale-125_8wekyb3d8bbwe\assets\contrast-black\splashscreen.scale-125_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\howtoplay\pyramid\goal_3.jpg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\add-account-select\js\plugin.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-modules-applemenu_ja.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\livetiles\microsoftsolitairesmalltile.scale-200.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenotesectiongroupmedtile.scale-200.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\combinepdf\js\nls\uk-ua\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-application-views.xml svchost.exe File created C:\program files\videolan\vlc\plugins\access_output\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftstickynotes_1.4.101.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\square310x310logo.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.net.native.runtime.1.3_1.3.23901.0_x64__8wekyb3d8bbwe\appxblockmap.xml svchost.exe File created C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_x64__8wekyb3d8bbwe\microsoft.system.package.metadata\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\assets\skypetile.scale-200_contrast-white.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\unified-share\js\nls\uk-ua\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.emf.common_2.10.1.v20140901-1043\epl-v10.html svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\manifestassets\contrast-white\square310x150logo.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\mp_60x42.png svchost.exe File created C:\program files\java\jdk1.8.0_66\jre\lib\images\cursors\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\signatures\images\s_filter_18.svg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_neutral_split.scale-200_8wekyb3d8bbwe\assets\getstartedsplash.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\appxmetadata\codeintegrity.cat svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.dailychallenges\assets\tab\tabcalendar.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.xaml.toolkit\assets\buttons\menu\menu_black-press.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenotesmalltile.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\timerlargetile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\home\rtl\contrast-black\medtile.scale-200.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.emf.ecore_2.10.1.v20140901-1043\license.html svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-modules-applemenu_zh_cn.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\na_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\assets\windowsicons\windowscameraapplist.contrast-black_targetsize-40.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\files\dev\nls\en-il\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer-select\js\nls\en-gb\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\shadow.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\fable\fable_background.jpg svchost.exe File created C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_neutral_~_8wekyb3d8bbwe\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\alarmsapplist.contrast-white_targetsize-60_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\assets\windowsicons\windowscameraapplist.contrast-white_targetsize-256.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\editpdf\images\themes\dark\rhp_world_icon_hover.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\home\js\nls\fr-fr\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\visualvm\modules\locale\org-netbeans-core-windows_visualvm.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\en-us\pages\wefgalleryonenoteinsertwinrt.htm svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\assets\gamesxboxhubapplist.targetsize-20_contrast-high.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\desktop-connector-files\js\nls\zh-cn\ui-strings.js svchost.exe File created C:\program files\windows nt\tabletextservice\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\logos\square71x71\paintsmalltile.scale-125.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\signatures\images\themes\dark\dd_arrow_small.png svchost.exe File opened for modification C:\program files\7-zip\lang\pt.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\place\rtl\smalltile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\contrast-white\apppackageapplist.targetsize-60_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\voicerecorderapplist.contrast-white_targetsize-16.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\images\themeless\appstore\download_on_the_app_store_badge_de_135x40.svg svchost.exe File created C:\program files\common files\microsoft shared\ink\zh-tw\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\videolan\vlc\locale\ug\lc_messages\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxcalendarapplist.targetsize-16_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\apptiles\contrast-white\mapsmedtile.scale-100.png svchost.exe File opened for modification C:\program files\java\jre1.8.0_66\lib\deploy\messages_pt_br.properties svchost.exe File opened for modification C:\program files\java\jre1.8.0_66\lib\security\blacklisted.certs svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenotesectiongroupmedtile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\cn_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\assets\windowsicons\windowscameraapplist.contrast-black_scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\unified-share\images\themes\dark\confirmation.png svchost.exe File created C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\core\locale\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\stopwatchmedtile.contrast-black_scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\embossbitmaps\cloud.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenotemediumtile.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\assets\insiderhubapplist.targetsize-256_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\resources.pri svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\unified-share\js\nls\ru-ru\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxcalendarapplist.targetsize-20.png svchost.exe File opened for modification C:\program files (x86)\reference assemblies\microsoft\framework\v3.0\winfxlist.xml svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\org-netbeans-core-execution.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftofficehub_17.8010.5926.0_x64__8wekyb3d8bbwe\strings\officehubintl.lang-en-us.resw svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\editpdf\js\nls\en-ae\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\np_16x11.png svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\pt-pt\tipresx.dll.mui svchost.exe File created C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\contrast\contrast-white\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\large\talktothehand.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\small\priidu.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\exchangebadge.scale-125.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-recent-files\js\nls\root\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\oracle.gif svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxcalendarapplist.targetsize-30_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxmailapplist.targetsize-32_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\place\rtl\widetile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-white\mapsapplist.targetsize-80_altform-unplated_contrast-white.png svchost.exe File created C:\program files\windowsapps\microsoft.xboxidentityprovider_11.19.19003.0_x64__8wekyb3d8bbwe\appxmetadata\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer\js\nls\ro-ro\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\search-summary\js\nls\ru-ru\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weathericons\30x30\174.png svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\place\contrast-black\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\voicerecorderapplist.contrast-black_targetsize-30_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\voicerecorderlogoextensions.targetsize-24.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\rename.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\js\nls\fi-fi\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\viewer\nls\it-it\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\jre\thirdpartylicensereadme-javafx.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\javax.annotation_1.2.0.v201401042248.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\starclub\challenge_spider.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftstickynotes_1.4.101.0_x64__8wekyb3d8bbwe\assets\storelogo.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_neutral_resources.scale-150_8wekyb3d8bbwe\assets\contrast-white\movie-tvstorelogo.scale-150_contrast-white.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-files\images\themes\dark\icons_retina.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\images\new_icons.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\unified-share\js\nls\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\windows media player\skins\revert.wmz svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\work\ltr\contrast-white\largetile.scale-200.png svchost.exe File opened for modification C:\program files (x86)\windowspowershell\modules\powershellget\1.0.0.1\en-us\psget.resource.psd1 svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\classic\classic_12h.png svchost.exe File created C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_neutral_split.scale-100_kzf8qxf38zg5c\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\fsdefinitions\oskclearui.xml svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-heapwalker_ja.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_neutral_~_8wekyb3d8bbwe\appxsignature.p7x svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\gameplayassets\localization\localized_sl-si.respack svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weathericons\30x30\5.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\beihai_common_diagnostics.winmd svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_neutral_split.scale-100_8wekyb3d8bbwe\appxblockmap.xml svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-recent-files\js\nls\nl-nl\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\contrast-black\peopleapplist.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\contrast-white\applist.targetsize-24_altform-unplated_contrast-white.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-netbeans-core-windows.xml svchost.exe File opened for modification C:\program files\videolan\vlc\locale\pa\lc_messages\vlc.mo svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\alarmsapplist.contrast-black_scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_neutral_resources.scale-150_8wekyb3d8bbwe\assets\contrast-white\largelogo.scale-150_contrast-white.png svchost.exe File opened for modification C:\program files\windowspowershell\modules\pester\3.4.0\functions\assertions\benullorempty.ps1 svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenotepagewidetile.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\home\contrast-black\medtile.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\images\themeless\playstore\pt-br_get.svg svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-netbeans-modules-editor-mimelookup.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\classic\mask\12d.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\jumbo\mask\11h.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\4665_32x32x32.png svchost.exe File created C:\program files\windowsapps\microsoft.xboxgameoverlay_1.15.2003.0_x64__8wekyb3d8bbwe\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\editpdf\js\nls\ru-ru\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\zh-hk_get.svg svchost.exe File created C:\program files\common files\microsoft shared\ink\lt-lt\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\assets\photosapplist.targetsize-48_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\assets\windowsicons\windowscameraapplist.targetsize-24_altform-unplated_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\images\blankimage.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\unified-share\js\nls\zh-cn\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\walk-through\js\nls\en-gb\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxmailapplist.scale-125.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\app\dev\nls\ja-jp\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\common\readme.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\10910_20x20x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenoteapplist.targetsize-96_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\images\printandshare\glyph_0xeccf.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\place\rtl\contrast-black\widetile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\voicerecorderapplist.targetsize-36_altform-unplated.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\unified-share\images\info.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\assets\getstartedapplist.targetsize-20_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\jumbo\jumbo_12s.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenotesplashlogo.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\img\faf_field_grabber.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sample-files\js\nls\pt-br\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.zunevideo_10.16112.11601.0_neutral_resources.scale-200_8wekyb3d8bbwe\assets\contrast-black\splashscreen.scale-200_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorapplist.contrast-white_targetsize-80.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\voicerecorderapplist.targetsize-64_altform-unplated.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\aicuc\images\rhp_world_icon_hover_2x.png svchost.exe File opened for modification C:\program files\7-zip\lang\sr-spc.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\apptiles\contrast-white\weather_tilemediumsquare.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\awards\klondike\ice_castle_.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themepreview\themes\fable.mobile.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\lv_60x42.png svchost.exe File created C:\program files\windowsapps\microsoft.vclibs.140.00_14.0.24123.0_x86__8wekyb3d8bbwe\microsoft.system.package.metadata\autogen\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\home\images\files_icons.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weathericons\30x30\184.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftstickynotes_1.4.101.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\preview.scale-100_layoutdir-ltr.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\virgo-new-folder.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\aicuc\js\nls\pt-br\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\editpdf\js\nls\root\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\google\chrome\application\81.0.4044.129\installer\chrome.7z svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\timermedtile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\10910_24x24x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\cr_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\assets\audio\skype_call_failed.m4a svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\assets\photosapplist.contrast-white_targetsize-64.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\car\rtl\contrast-black\medtile.scale-200.png svchost.exe File opened for modification C:\program files\7-zip\lang\ne.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-openide-execution_ja.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\voicerecorderapplist.contrast-white_targetsize-72.png svchost.exe File created C:\program files (x86)\internet explorer\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.zunevideo_10.16112.11601.0_neutral_resources.scale-200_8wekyb3d8bbwe\assets\logo.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\resources\getsmdl2.ttf svchost.exe File created C:\program files\windowsapps\microsoft.net.native.runtime.1.4_1.4.24201.0_x64__8wekyb3d8bbwe\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer\images\illustrations.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\resource\typesupport\unicode\mappings\win\cp1258.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_neutral_split.scale-150_8wekyb3d8bbwe\assets\starttile.dualsim1.smile.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\contrast-black\applist.targetsize-96_altform-unplated_contrast-black.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\chrome-ext-2x.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\sh_16x11.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\home\js\nls\it-it\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.dailychallenges\assets\prizehistory\awards_base.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenotesmalltile.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\dm_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\gq_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\mp_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\livetile\2px.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\stopwatchlargetile.contrast-white_scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\outlookmailsmalltile.scale-150.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\add-account\js\nls\en-gb\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-white\weather_tilemediumsquare.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\contrast-black\apppackageapplist.targetsize-16_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\assets\apptiles\storewidetile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weathericons\30x30\177.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-white\splashscreen.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.xboxapp_25.25.13009.0_neutral_split.scale-200_8wekyb3d8bbwe\assets\gamesxboxhubsmalltile.scale-200_contrast-high.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\manifestassets\contrast-black\icon.targetsize-16.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\premium_ribbon.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\classic\mask\1h.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\images\stickers\sticker_star.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\assets\skypelargetile.scale-200_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxa-google.scale-300.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-files\js\nls\sl-si\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\download_on_the_app_store_badge_nb_135x40.svg svchost.exe File opened for modification C:\program files\7-zip\lang\ru.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\logos\square71x71\paintsmalltile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\contrast-black\applist.targetsize-16_altform-unplated_contrast-black.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\win-scrollbar\themes\dark\hscroll-thumb.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\localized_images\nb-no\appstore_icon.svg svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\js\nls\pt-br\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\signatures\js\nls\nb-no\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\common files\adobe\reader\dc\linguistics\providers\plugins2\adobehunspellplugin\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenoteapplist.targetsize-32_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_x64__8wekyb3d8bbwe\assets\contrast-white\peopleapplist.targetsize-80.png svchost.exe File created C:\program files\windowsapps\microsoft.xboxspeechtotextoverlay_1.14.2002.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\unified-share\js\nls\en-gb\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\embossbitmaps\text_icon.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftstickynotes_1.4.101.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\splashscreen.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_x64__8wekyb3d8bbwe\assets\oneconnectapplist.targetsize-36.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_x64__8wekyb3d8bbwe\assets\contrast-black\peopleapplist.targetsize-16.png svchost.exe File opened for modification C:\program files\windowspowershell\modules\pester\3.4.0\functions\assertions\contain.ps1 svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\work\widetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.zunevideo_10.16112.11601.0_neutral_resources.scale-200_8wekyb3d8bbwe\assets\applist.scale-200.png svchost.exe File created C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\texturebitmaps\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\alarmssmalltile.contrast-black_scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxgameoverlay_1.15.2003.0_x64__8wekyb3d8bbwe\assets\gamesxboxhubapplist.scale-200.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sample-files\assets\sample files\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\manifestassets\icon.targetsize-32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\howtoplay\pyramid\tips_1.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\alarmslargetile.contrast-black_scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\images\themes\dark\sat_logo.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\assets\getstartedstorelogo.scale-100_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\models\en-gb.calendar.ot svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenotesectiongroupsmalltile.scale-400.png svchost.exe File opened for modification C:\program files\windows defender\en-us\mpasdesc.dll.mui svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\workflow\navcolumn_black\icon_printer.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.net.native.framework.1.3_1.3.24201.0_x86__8wekyb3d8bbwe\appxmanifest.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\4627_20x20x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\en-us\outlook_whatsnew.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxcalendarapplist.targetsize-256.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\win8-scrollbar\themes\dark\arrow-down-pressed.gif svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contactphoto.scale-140.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\1725_40x40x32.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\acroapp\enu\edit_r_rhp.aapp svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\a12_spinner_int.gif svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\reviews\js\nls\en-il\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\js\nls\ja-jp\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.core.databinding.observable_1.4.1.v20140210-1835.jar svchost.exe File opened for modification C:\program files\videolan\vlc\locale\sr\lc_messages\vlc.mo svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsfeedbackhub_1.1612.10312.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\insiderhubwidetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.xaml.toolkit\assets\arkadium-logo-credit.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\small\makeup.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\upsellfooterbannerdesktop.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\contrast-white\applist.targetsize-16_altform-unplated_contrast-white.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\db\lib\derbyoptionaltools.jar svchost.exe File created C:\program files\videolan\vlc\locale\cy\lc_messages\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\exchangewidetile.scale-150.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-coredump_zh_cn.jar svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowscamera_2017.125.40.0_neutral_split.scale-200_8wekyb3d8bbwe\assets\windowsicons\windowscamerasplashscreen.scale-200.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\unified-share\js\nls\tr-tr\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\common files\microsoft shared\ink\en-us\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\common files\system\ole db\en-us\msdasqlr.dll.mui svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\office\centerview.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\fues\close_button.jpg svchost.exe File opened for modification C:\program files (x86)\windowspowershell\modules\pester\3.4.0\changelog.md svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\win7handle.png svchost.exe File opened for modification C:\program files\videolan\vlc\locale\sq\lc_messages\vlc.mo svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\alarmsapplist.contrast-white_targetsize-64.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\genericmailwidetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\work\rtl\medtile.scale-200.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\exportpdfupsell-app\js\nls\nb-no\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\place\rtl\largetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\dk_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\assets\apptiles\storeapplist.targetsize-40_altform-unplated.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\files\dev\nls\eu-es\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\desktop-connector-files\js\nls\cs-cz\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\assets\getstartedapplist.targetsize-40_altform-unplated_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\assets\windowsicons\windowscameralargetile.contrast-white_scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_neutral_split.scale-100_8wekyb3d8bbwe\appxblockmap.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\applist.targetsize-80.png svchost.exe File created C:\program files (x86)\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-netbeans-modules-options-keymap.xml svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.e4.ui.css.swt.theme.nl_zh_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\visualvm\modules\locale\org-netbeans-core_visualvm.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\jumbo\jumbo_1c.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\unified-share\js\nls\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-openide-io.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftstickynotes_1.4.101.0_neutral_split.scale-125_8wekyb3d8bbwe\appxmanifest.xml svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\editpdf\js\nls\uk-ua\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\common files\adobe\reader\dc\linguistics\providers\plugins2\adobehunspellplugin\dictionaries\en_ca\hyph_en_ca.dic svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenotenotebooksmalltile.scale-100.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\editpdf\js\nls\ca-es\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-files\js\nls\en-ae\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\common files\system\ado\adovbs.inc svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\profiler\modules\org-netbeans-modules-profiler.jar svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-modules-appui_ja.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\1937_32x32x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorsmalltile.scale-200.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-netbeans-modules-settings.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-black\weather_logosmall.targetsize-16.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\classic\classic_1h.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\4613_32x32x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenotesectiongroupwidetile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\2494_24x24x32.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\plugin.xml svchost.exe File created C:\program files\videolan\vlc\locale\hi\lc_messages\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_neutral_split.scale-140_8wekyb3d8bbwe\assets\office\planecutkeeptop.scale-140.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenotenotebooklargetile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\assets\gamesxboxhubapplist.targetsize-72_altform-unplated_contrast-white.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\file_types\move.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\exportpdfupsell-app\images\example_icons.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\office\planecutkeepbottom.scale-100.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\signatures\js\nls\tr-tr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\resource\font\minionpro-bold.otf svchost.exe File opened for modification C:\program files\java\jre1.8.0_66\lib\security\local_policy.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\5511_20x20x32.png svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\work\ltr\contrast-white\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\voicerecorderapplist.targetsize-16_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-white\storeapplist.targetsize-32.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer-select\js\nls\uk-ua\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\reviews\js\nls\de-de\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\meta-inf\manifest.mf svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\collections\contrast-white\widetile.scale-125_contrast-white.png svchost.exe File created C:\program files\windowsapps\microsoft.storepurchaseapp_1.0.45.0_x64__8wekyb3d8bbwe\appxmetadata\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\insiderhubmedtile.scale-100_contrast-white.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\editpdf\css\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\common files\system\msadc\en-us\msdaprsr.dll.mui svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_neutral_split.scale-150_8wekyb3d8bbwe\assets\toast.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\gameplayassets\localization\localized_gl-es.respack svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.zunevideo_10.16112.11601.0_neutral_resources.scale-200_8wekyb3d8bbwe\assets\contrast-white\smalllogo.scale-200_contrast-white.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\core\dev\nls\cs-cz\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\js\nls\nl-nl\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\send-for-sign\js\nls\zh-cn\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\models\en-us.postaladdress.ot svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\work\rtl\contrast-white\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\voicerecorderlogoextensions.targetsize-32.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\ob-preview\js\nls\sv-se\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\windows nt\tabletextservice\en-us\tabletextservice.dll.mui svchost.exe File opened for modification C:\program files\7-zip\lang\fr.txt svchost.exe File created C:\program files\windowsapps\deletedalluserpackages\microsoft.windowscamera_2017.125.40.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\windowsicons\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\resources.pri svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\speech\en-gb\tokens_engb.xml svchost.exe File created C:\program files (x86)\common files\system\ado\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.emf.ecore_2.10.1.v20140901-1043\meta-inf\eclipse_.sf svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\content\mobile\en-gb\toc.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\sa_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\1914_48x48x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\5665_20x20x32.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-recent-files\js\nls\ca-es\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\xe_16x11.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\svgcheckboxunselected.svg svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\task-handler\js\nls\da-dk\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-modules-templates_zh_cn.jar svchost.exe File opened for modification C:\program files\popwrite.kix svchost.exe File opened for modification C:\program files\videolan\vlc\lua\http\css\ui-lightness\images\ui-icons_222222_256x240.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\alarmswidetile.contrast-black_scale-100.png svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\car\ltr\contrast-black\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\js\nls\es-es\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\task-handler\js\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\catalog\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\worldclockmedtile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\applist.targetsize-30.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\resources\fonts\segmvr2.ttf svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\localized_images\en-us\playstore_icon.svg svchost.exe File opened for modification C:\program files (x86)\windows media player\en-us\wmpmediasharing.dll.mui svchost.exe File opened for modification C:\program files\videolan\vlc\lua\intf\http.luac svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\work\rtl\contrast-white\largetile.scale-200.png svchost.exe File opened for modification C:\program files\videolan\vlc\locale\gu\lc_messages\vlc.mo svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\images\fre_background.jpg svchost.exe File created C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\genericmailsmalltile.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\images\stickers\thumbnails\sticker_icon_explosion.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\4613_20x20x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\id_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\insiderhubsplashscreen.scale-100.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-recent-files\js\nls\zh-cn\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\en-us\ipsmigrationplugin.dll.mui svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.dailychallenges\assets\popups\silverbadgeearned.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\dailychallenges\lobbytiles\freecell_bp_809.jpg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\send-for-sign\images\progress.gif svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\7739_20x20x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\8201_24x24x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\small\yawning.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxa-exchange.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\pages-app\js\nls\pt-br\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sign-services-auth\js\nls\pl-pl\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\mozilla firefox\uninstall\shortcuts_log.ini svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\mz_16x11.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\css\main.css svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\booklist.gif svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\ma_60x42.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\sk_get.svg svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.simpleconfigurator.manipulator.nl_zh_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\audio\menuopen_d.wav svchost.exe File created C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\logos\storelogo\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\s_newfolder_dark_18.svg svchost.exe File opened for modification C:\program files\common files\system\ole db\en-us\sqloledb.rll.mui svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\acrocef\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\unified-share\images\confirmation.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\jre\lib\deploy\messages_zh_cn.properties svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\assets\windowsicons\windowscameraapplist.contrast-black_targetsize-96.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\work\contrast-white\largetile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\work\contrast-black\medtile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\voicerecorderapplist.contrast-black_targetsize-256_altform-unplated.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\bin\jmc.ini svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\attribution\weather_2_travel.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_x64__8wekyb3d8bbwe\assets\starttile.surprise.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\awards\freecell\on_parole_unearned_small.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\images\stickers\sticker_owleye.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\resource\font\minionpro-regular.otf svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\tournament\gamemodeklondike.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\contbig.gif svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\desktop-connector-files\js\nls\ca-es\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\img\tools\@1x\themes\dark\[email protected] svchost.exe File created C:\program files (x86)\google\chrome\application\81.0.4044.129\swiftshader\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\iq_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\facebookdialog.xbf svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxidentityprovider_11.19.19003.0_x64__8wekyb3d8bbwe\assets\logo.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\win8-scrollbar\themes\dark\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\digsig\images\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.emf.ecore_2.10.1.v20140901-1043\meta-inf\eclipse.inf svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\bd_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\linkedinboxlargetile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\home\contrast-black\widetile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\xboxapp.ui\resources\segxbox2.ttf svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\app\dev\nls\sk-sk\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-recent-files\js\nls\es-es\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\com.jrockit.mc.feature.console_5.5.0.165303\feature.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxcalendarsmalltile.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\alarmssmalltile.contrast-white_scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsfeedbackhub_1.1612.10312.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\insiderhubsmalltile.scale-125_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themecreation\lobby_deck_style_jumbo.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\avatars.winmd svchost.exe File opened for modification C:\program files (x86)\google\chrome\application\81.0.4044.129\locales\sw.pak svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.rcp_4.4.0.v20141007-2301\license.html svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.skypeapp_11.8.204.0_neutral_split.scale-125_kzf8qxf38zg5c\skypeapp\assets\skypemedtile.scale-125_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.zunemusic_10.16112.11621.0_neutral_resources.scale-125_8wekyb3d8bbwe\assets\applist.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\pn_16x11.png svchost.exe File created C:\program files\windowsapps\microsoft.vclibs.140.00_14.0.24123.0_x64__8wekyb3d8bbwe\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\linkedinboxsmalltile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\workflow\density_light.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weathericons\30x30\24.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\assets\windowsicons\storelogo.contrast-white_scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\assets\windowsicons\windowscameraapplist.targetsize-16_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\linkedinboxlargetile.scale-125.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\ob-preview\js\nls\en-gb\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowscalculator_10.1702.312.0_neutral_split.scale-125_8wekyb3d8bbwe\appxsignature.p7x svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\assets\photosapplist.targetsize-72_altform-fullcolor.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\createpdfupsell-app\js\nls\root\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenotesmalltile.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\alarmsmedtile.contrast-black_scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\genericmailmediumtile.scale-125.png svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\work\ltr\contrast-black\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowssoundrecorder_10.1702.301.0_neutral_split.scale-200_8wekyb3d8bbwe\assets\voicerecorderwidetile.contrast-black_scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.xboxapp_25.25.13009.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\gamesxboxhublargetile.scale-125_contrast-high.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\alarmsapplist.targetsize-96_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\insiderhubmedtile.scale-100.png svchost.exe File created C:\program files\windowsapps\microsoft.xboxgameoverlay_1.15.2003.0_neutral_~_8wekyb3d8bbwe\appxmetadata\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\contrast-black\musicstorelogo.scale-100_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxmailwidetile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\contrast-black\applist.targetsize-40_contrast-black.png svchost.exe File opened for modification C:\program files\windowspowershell\modules\pester\3.4.0\functions\assertions\match.tests.ps1 svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\contrast-black\apppackageapplist.targetsize-16_altform-unplated_contrast-black.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\viewer\nls\es-es\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\large\cat.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\_resources\15.rsrc svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\signatures\js\nls\sk-sk\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench3.nl_ja_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\windows defender\protectionmanagement.mof svchost.exe File opened for modification C:\program files\windowsapps\microsoft.net.native.runtime.1.3_1.3.23901.0_x86__8wekyb3d8bbwe\appxmanifest.xml svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\pages-app\js\nls\da-dk\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\uss-search\js\nls\eu-es\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\apptiles\mapssplashscreen.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\ph_16x11.png svchost.exe File created C:\program files (x86)\common files\adobe\reader\dc\linguistics\providers\plugins2\adobehunspellplugin\abbreviations\en_us\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\alarmsmedtile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\work\rtl\contrast-white\widetile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\bf_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\assets\windowsicons\windowscameraapplist.targetsize-30.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\images\themes\dark\bun.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.directorywatcher.nl_ja_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\small\nerd.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\cg_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\photossmalltile.contrast-white_scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-100_8wekyb3d8bbwe\appxmanifest.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\alarmsapplist.targetsize-30.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\contrast-black\apppackagesmalltile.scale-100_contrast-black.png svchost.exe File created C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\contrast-black\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\editpdf\js\nls\ru-ru\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\7-zip\lang\br.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\digsig\js\nls\en-il\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\timersmalltile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\car\ltr\widetile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\inbox.shared.winmd svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\core\dev\nls\da-dk\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\configuration\config.ini svchost.exe File opened for modification C:\program files\videolan\vlc\lua\http\custom.lua svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenotenotebookmedtile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\collections\contrast-white\medtile.scale-125_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_x64__8wekyb3d8bbwe\assets\storelogo.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\8201_32x32x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\small\thinking.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\gw_16x11.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\activity-badge\js\nls\cs-cz\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\google\chrome\application\81.0.4044.129\nacl_irt_x86_64.nexe svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\xs_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorlargetile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\xboxapp.ui\resources\images\star_empty.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\app\dev\nls\ca-es\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\activity-badge\js\nls\sk-sk\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\videolan\vlc\locale\zh_tw\lc_messages\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themecreation\effects\effects_lobby_leaves.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxa-yahoo-dark.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\s_gridview-hover.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\unified-share\js\nls\uk-ua\ui-strings.js svchost.exe File created C:\program files\java\jdk1.8.0_66\jre\lib\jfr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\contrast-white\applist.targetsize-40_altform-unplated_contrast-white.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\download_on_the_app_store_badge_tr_135x40.svg svchost.exe File created C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\meta-inf\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windows.photos_16.511.8780.0_neutral_split.scale-125_8wekyb3d8bbwe\lumia.viewerplugin\assets\iconeditrichcapture.scale-125.png svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\gameplayassets\pyramid\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\file_types\themes\dark\selection-actions2x.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\fileextension.targetsize-256.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\js\nls\sv-se\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-oql_ja.jar svchost.exe File created C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_x64__8wekyb3d8bbwe\assets\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\file_types\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\digsig\js\nls\es-es\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\exportpdfupsell-app\js\nls\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sample-files\css\main.css svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\signatures\js\nls\hr-hr\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\org-netbeans-modules-applemenu.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_neutral_split.scale-200_8wekyb3d8bbwe\assets\getstartedapplist.scale-200_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_x64__8wekyb3d8bbwe\assets\badgelogo2.targetsize-36.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxa-google.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\contrast-white\widelogo.scale-100_contrast-white.png svchost.exe File opened for modification C:\program files (x86)\common files\microsoft shared\ink\en-us\tiptsf.dll.mui svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\resources\topicpage\core.xslt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\add-account\images\themes\dark\new_icons_retina.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer\js\nls\da-dk\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer\js\nls\fr-ma\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\signatures\js\nls\zh-tw\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\7989_40x40x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\large\wfh.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\assets\photosapplist.targetsize-80_altform-fullcolor.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxa-googlecloudcache-light.scale-180.png svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\apptiles\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\common files\microsoft shared\ink\ro-ro\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\texturebitmaps\rcypaper.jpg svchost.exe File created C:\program files\windowsapps\deletedalluserpackages\microsoft.skypeapp_11.8.204.0_neutral_split.scale-125_kzf8qxf38zg5c\skypeapp\assets\images\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\5311_20x20x32.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\js\nls\de-de\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\home\ltr\contrast-white\smalltile.scale-125.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sample-files\js\nls\fr-fr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\walk-through\css\main-selector.css svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.win32.nl_zh_4.4.0.v20140623020002.jar svchost.exe File created C:\program files\videolan\vlc\locale\uk\lc_messages\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\bj_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\6416_36x36x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxcalendarapplist.targetsize-16.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxa-googlecloudcache-dark.scale-140.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\fillnsign_visual.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\fullscreen-hover.svg svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\alarmssplashscreen.contrast-black_scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\buttons\solve\autosolve_button_press.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenotesmalltile.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenotenotebooksmalltile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\stopwatchlargetile.contrast-black_scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxa-generic-dark.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\models\en-us.mail.config svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\send-for-sign\js\nls\fr-fr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\signatures\js\nls\es-es\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\common files\microsoft shared\vsta\pipeline.v10.0\pipelinesegments.store svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\alarmsapplist.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\s_listview_selected.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\activity-badge\images\bell_empty.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\desktop-connector-files-select\js\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\7-zip\lang\pl.txt svchost.exe File opened for modification C:\program files\videolan\vlc\lua\intf\cli.luac svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\js\nls\en-gb\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\jre\lib\javafx.properties svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.operations.nl_ja_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-core-ui_zh_cn.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\microsoft.cameraapp.shared.native.winmd svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\pilotshubapp.backgroundworker.winmd svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\appxsignature.p7x svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\styles.xbf svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\send-for-sign\js\nls\uk-ua\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\css\home-view.css svchost.exe File opened for modification C:\program files\7-zip\lang\be.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\assets\windowsicons\windowscameramedtile.contrast-black_scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\assets\insiderhubapplist.targetsize-80_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\styling\css\contentlight.css svchost.exe File opened for modification C:\program files (x86)\google\chrome\application\81.0.4044.129\chrome_100_percent.pak svchost.exe File opened for modification C:\program files (x86)\windowspowershell\modules\pester\3.4.0\functions\assertions\begreaterthan.ps1 svchost.exe File opened for modification C:\program files\7-zip\lang\nl.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_neutral_split.scale-100_8wekyb3d8bbwe\lumia.viewerplugin\assets\iconeditmoment.contrast-high_scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\car\rtl\largetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\fues\upsell_without_premiumedition.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\voicerecorderapplist.targetsize-60_altform-unplated.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\walk-through\js\nls\de-de\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\visualvm\core\locale\core_visualvm.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenotenotebookmedtile.scale-150.png svchost.exe File opened for modification C:\program files\windowspowershell\modules\powershellget\1.0.0.1\en-us\psget.resource.psd1 svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sign-services-auth\js\nls\da-dk\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\premium_badge_compact.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\activity-badge\js\nls\fr-ma\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\images\themeless\playstore\be_get.svg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\fues\popup_2.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenotepagesmalltile.scale-200.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\digsig\js\nls\zh-tw\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\resource\typesupport\unicode\mappings\mac\centeuro.txt svchost.exe File created C:\program files\common files\microsoft shared\ink\pl-pl\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\jre\lib\deploy\messages_es.properties svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\profiler\modules\org-netbeans-modules-profiler-snaptracer.jar svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windows.photos_16.511.8780.0_neutral_split.scale-125_8wekyb3d8bbwe\appxmanifest.xml svchost.exe File created C:\program files\windowsapps\deletedalluserpackages\microsoft.xboxapp_25.25.13009.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\livetiles\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\small\skype.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\win-scrollbar\themes\dark\arrow-right.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\img\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\localized_images\zh-cn\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\classic\classic_11c.png svchost.exe File created C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\microsoft.system.package.metadata\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\fsdefinitions\insert\insertbase.xml svchost.exe File created C:\program files (x86)\common files\microsoft shared\vsta\pipeline.v10.0\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\paintstudio.winmd svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\8498_20x20x32.png svchost.exe File opened for modification C:\program files (x86)\common files\adobe\reader\dc\linguistics\providers\plugins2\adobehunspellplugin\plugin.x.manifest svchost.exe File created C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\collections\contrast-white\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\car\ltr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\voicerecorderstorelogo.contrast-black_scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\s_duplicate_18.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\js\selector.js svchost.exe File created C:\program files\videolan\vlc\locale\km\lc_messages\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_neutral_split.scale-100_kzf8qxf38zg5c\skypeapp\assets\skypetile.scale-100_contrast-black.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\createpdfupsell-app\js\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\editpdf\js\nls\ja-jp\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-sampler.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxidentityprovider_2016.719.1035.0_neutral_~_8wekyb3d8bbwe\appxblockmap.xml svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.core.jobs_3.6.0.v20140424-0053.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_neutral_split.scale-150_8wekyb3d8bbwe\assets\starttile.dualsim2.sad.small.scale-150.png svchost.exe File created C:\program files\windows nt\accessories\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_neutral_split.scale-150_8wekyb3d8bbwe\assets\smalllogo.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\microsoft.packaging.richjpg.winmd svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\exchangemediumtile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\place\largetile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_neutral_resources.scale-150_8wekyb3d8bbwe\assets\splashscreen.scale-150.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\s_link_18.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\digsig\js\nls\sk-sk\ui-strings.js svchost.exe File opened for modification C:\program files\java\jre1.8.0_66\release svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sample-files\js\nls\ko-kr\ui-strings.js svchost.exe File created C:\program files (x86)\windowspowershell\modules\microsoft.powershell.operation.validation\1.0.1\test\modules\example2.diagnostics\1.0.1\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.apache.lucene.analysis_3.5.0.v20120725-1805.jar svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.e4.ui.widgets.nl_ja_4.4.0.v20140623020002.jar svchost.exe File created C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\collections\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\apptiles\storelogo.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\app\dev\nls\pl-pl\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\editpdf\images\rhp_world_icon_2x.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\jumbo\jumbo_12c.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windows.photos_16.511.8780.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\photossmalltile.contrast-black_scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\1938_36x36x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\ai_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoft3dviewer_1.1702.21039.0_x64__8wekyb3d8bbwe\assets\dev-config.json svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-white\storeapplist.targetsize-48.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\office\projectioncylindric.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themepreview\effects\sakura.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themepreview\effects\starrrr.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\s_share_18.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-files\images\new_icons.png svchost.exe File opened for modification C:\program files\limitexport.au svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\darkblue.png svchost.exe File created C:\program files (x86)\google\update\download\{8a69d345-d564-463c-aff1-a69d9e530f96}\81.0.4044.129\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.emf.common_2.10.1.v20140901-1043\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\4583_40x40x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\xaml\onenote\shareerrormessagepage.xaml svchost.exe File created C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\resources\fonts\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\prndmediasource.winmd svchost.exe File opened for modification C:\program files\windows defender\en-us\msmpres.dll.mui svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\6701_36x36x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\place\ltr\medtile.scale-200.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\generic-rhp-app\js\nls\root\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer-select\js\nls\sv-se\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\search-summary\js\nls\uk-ua\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\google\chrome\application\81.0.4044.129\locales\fi.pak svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themepreview\themes\autumn.mobile.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenotesmalltile.scale-400.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\az_get.svg svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-tools_zh_cn.jar svchost.exe File opened for modification C:\program files\videolan\vlc\locale\am\lc_messages\vlc.mo svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\timerwidetile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\linkedinboxbadge.scale-150.png svchost.exe File created C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\sr-cyrl-cs\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\combinepdf\js\nls\hu-hu\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\ads_win10_300x250.scale-100.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\small\sleepy.png svchost.exe File created C:\program files\windowsapps\microsoft.windowssoundrecorder_2017.130.1208.0_neutral_~_8wekyb3d8bbwe\appxmetadata\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\surfaceprofiles\canvas_flat_512x512_nm.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\car\ltr\largetile.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\send-for-sign\images\faf_icons.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\assets\gamesxboxhubapplist.targetsize-80_contrast-high.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\contrast-white\apppackagesplashscreen.scale-100_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\vo_60x42.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\js\nls\fr-fr\ui-strings.js svchost.exe File created C:\program files\common files\microsoft shared\ink\nl-nl\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.help.webapp_3.6.300.v20140407-1855.jar svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowscalculator_10.1702.312.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\calculatorlargetile.contrast-black_scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\7656_24x24x32.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\lets-get-started-2x.png svchost.exe File opened for modification C:\program files\videolan\vlc\locale\is\lc_messages\vlc.mo svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\worldclocklargetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowscalculator_10.1702.312.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\calculatorlargetile.scale-125.png svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\work\ltr\contrast-black\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\aicuc\js\nls\fr-fr\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\ob-preview\images\themeless\custom_poster.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\com.jrockit.mc.feature.core_5.5.0.165303\feature.properties svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-netbeans-core-output2.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\11891_48x48x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\xboxapp.telemetry\bievents.xml svchost.exe File created C:\program files\windowspowershell\modules\microsoft.powershell.operation.validation\1.0.1\test\modules\example2.diagnostics\1.0.1\diagnostics\simple\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\core\dev\nls\sl-si\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\js\nls\ro-ro\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\unified-share\js\nls\ca-es\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\livetile\9px.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_neutral_split.scale-150_8wekyb3d8bbwe\assets\starttile.sad.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\dismiss.scale-64.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\collections\contrast-white\medtile.scale-200_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\10912_40x40x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\calculatormedtile.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\files\dev\nls\ko-kr\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\aicuc\images\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\work\ltr\smalltile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.awards\assets\awards_circle_gray.png svchost.exe File opened for modification C:\program files\videolan\vlc\locale\cgg\lc_messages\vlc.mo svchost.exe File created C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsstore_11701.1001.87.0_neutral_split.scale-125_8wekyb3d8bbwe\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\work\rtl\largetile.scale-200.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\app-center\js\nls\ro-ro\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.core.commands.nl_zh_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\alarmsapplist.contrast-black_scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\gameplayassets\localization\localized_bg-bg.respack svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\western\western_13d.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxcalendarapplist.targetsize-24.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenotenotebooklargetile.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\ge_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\fileextension.targetsize-40.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\autumn\mask\1d.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorapplist.targetsize-64_altform-unplated_contrast-black.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\uss-search\js\nls\de-de\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoft3dviewer_1.1702.21039.0_x64__8wekyb3d8bbwe\assets\release-config.json svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenotesectionsmalltile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-white\storewidetile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\alarmswidetile.contrast-black_scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\place\rtl\contrast-white\smalltile.scale-125.png svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.dailychallenges\assets\popups\upsell\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\applist.targetsize-60_altform-unplated.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.transport.ecf.nl_ja_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\resource\font\myriadpro-regular.otf svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\winxpbluhandle.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\task-handler\images\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_neutral_split.scale-180_8wekyb3d8bbwe\assets\office\emboss.scale-180.png svchost.exe File created C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_x64__8wekyb3d8bbwe\tee\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\6536_36x36x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxa-advanced-dark.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxaccountssplashlogo.scale-180.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\add-account\js\nls\zh-cn\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\apppackagewidetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\7357_20x20x32.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\air\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\windows nt\tabletextservice\tabletextservicearray.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\mix.gif svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-core-multitabs_ja.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\appxmanifest.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\contrast-white\oneconnectwidetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\large\poolparty.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_2016.511.9510.0_neutral_~_8wekyb3d8bbwe\appxsignature.p7x svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\alarmsbadge.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\bg1_thumb.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\collections\widetile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoft3dviewer_1.1702.21039.0_x64__8wekyb3d8bbwe\assets\images\tiles\square44x44logo.targetsize-24_altform-unplated.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\ob-preview\images\themeless\edit_pdf_poster.jpg svchost.exe File opened for modification C:\program files\common files\designer\msaddndr.olb svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.console.nl_zh_4.4.0.v20140623020002.jar svchost.exe File created C:\program files\videolan\vlc\lua\playlist\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\beach\mask\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\apptiles\mapsapplist.targetsize-64.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\unified-share\js\nls\hr-hr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftstickynotes_1.4.101.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\square44x44logo.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\images\stickers\sticker_lollipop.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\appxmetadata\codeintegrity.cat svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\exchangesmalltile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\traffichub\contrast-black\largetile.scale-100.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\rjmx.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\contrast-black\apppackageapplist.targetsize-256_contrast-black.png svchost.exe File created C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\en-gb\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenotesectiongroupsmalltile.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\assets\skypewidetile.scale-200_contrast-white.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\desktop-connector-files\js\nls\pl-pl\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\small\kiss.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\alarmsapplist.targetsize-60.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\genericmailbadge.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorapplist.contrast-black_targetsize-48.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.ui_5.5.0.165303.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\logos\badgelogo\paintapplist.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\animations\onenoteaudio_recordingplayback.gif svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\lumia.videotk\alphablendingeffectps_y.cso svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\models\en-us.calendar.model svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\digsig\js\nls\fr-ma\ui-strings.js svchost.exe File opened for modification C:\program files\java\jre1.8.0_66\lib\rt.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_x64__8wekyb3d8bbwe\assets\starttile.dualsim2.sad.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\large\bow.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\genericmailbadge.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\send-for-sign\css\main.css svchost.exe File created C:\program files (x86)\common files\adobe\reader\dc\linguistics\languagenames2\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_x64__8wekyb3d8bbwe\assets\starttile.dualsim2.smile.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\plug_ins\acroform\adobepdf.xdc svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\app\dev\nls\it-it\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-files\js\nls\ru-ru\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\pages-app\images\themes\dark\rhp_world_icon_hover.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.xboxapp_25.25.13009.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\gamesxboxhubbadgelogo.scale-125_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxmailapplist.targetsize-40.png svchost.exe File created C:\program files\videolan\vlc\lua\intf\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\gameplayassets\localization\localized_lv-lv.respack svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themecreation\beachdeck4.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\gw_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\pn_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxa-googlecloudcache-light.scale-180.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-black\mapssplashscreen.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\assets\navigationicons\nav_icons_messages.targetsize-48.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\contrast-black\applist.targetsize-80_contrast-black.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\jre\lib\ext\jaccess.jar svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ui.nl_zh_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_neutral_split.scale-140_8wekyb3d8bbwe\assets\office\planecutkeepbottom.scale-140.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\contrast-black\widelogo.scale-100_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\contrast-black\applist.targetsize-80_contrast-black.png svchost.exe File opened for modification C:\program files (x86)\windows nt\accessories\en-us\wordpad.exe.mui svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\ma_16x11.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\signatures\js\nls\hu-hu\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\assets\windowsicons\windowscameraapplist.targetsize-80.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\s_ellipses-hover.svg svchost.exe File opened for modification C:\program files (x86)\common files\adobe\reader\dc\linguistics\providers\plugins2\adobehunspellplugin\dictionaries\en_gb\hyph_en_gb.dic svchost.exe File created C:\program files\windowsapps\microsoft.net.native.framework.1.3_1.3.24201.0_x86__8wekyb3d8bbwe\microsoft.system.package.metadata\autogen\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\js\nls\ru-ru\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\java\jdk1.8.0_66\lib\visualvm\etc\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\combinepdf\js\nls\pl-pl\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\com.jrockit.mc.rjmx.actionprovider.exsd svchost.exe File opened for modification C:\program files\java\jre1.8.0_66\lib\content-types.properties svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\assets\windowsicons\windowscameramedtile.scale-100.png svchost.exe File opened for modification C:\program files\videolan\vlc\locale\ug\lc_messages\vlc.mo svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\xaml\onenote\captureimagecontrol.xaml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\place\contrast-black\medtile.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\move.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\desktop-connector-files\js\nls\pt-br\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\js\nls\de-de\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\dark\e4-dark_partstyle.css svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxa-googlecloudcache-dark.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\s_listview_selected-hover.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\core\dev\nls\zh-cn\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\img\tools\text_2x.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\scan.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\walk-through\js\nls\fi-fi\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\alarmslargetile.contrast-white_scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-black\mapsapplist.targetsize-64.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_neutral_resources.scale-150_8wekyb3d8bbwe\assets\contrast-black\logo.scale-150_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxa-advanced-dark.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\xe_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\2494_48x48x32.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\javax.inject_1.0.0.v20091030.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\11891_32x32x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxmailapplist.targetsize-32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\voicerecorderstorelogo.contrast-white_scale-100.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\add-account\js\nls\zh-cn\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\desktop-connector-files\js\nls\es-es\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\reviews\js\nls\ca-es\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\7316_24x24x32.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer-select\js\nls\da-dk\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sign-services-auth\js\nls\zh-tw\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jre1.8.0_66\lib\net.properties svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\assets\gamesxboxhubapplist.targetsize-36_contrast-high.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\alarmsapplist.targetsize-96.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\stopwatchsmalltile.contrast-black_scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\1725_48x48x32.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\activity-badge\js\nls\sl-si\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\ob-preview\images\themeless\edit_pdf_poster2x.jpg svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.jface_3.10.1.v20140813-1009.jar svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\css\desktop-tool-view.css svchost.exe File created C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\images\ratings\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\large\tongueout.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\js\nls\sv-se\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weatherimages\423x173\34.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenotesectionmedtile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-100_8wekyb3d8bbwe\resources.pri svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\combinepdf\js\nls\ko-kr\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\ob-preview\js\nls\ko-kr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowssoundrecorder_10.1702.301.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\voicerecordersplashscreen.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\sm_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxspeechtotextoverlay_1.14.2002.0_neutral_~_8wekyb3d8bbwe\appxsignature.p7x svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sample-files\js\nls\cs-cz\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\resource\font\courierstd-boldoblique.otf svchost.exe File created C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\add-account\js\nls\ja-jp\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\combinepdf\js\nls\eu-es\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\search-summary\js\nls\ja-jp\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\resources\topicpage\images\playbutton-rollover.png svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.starclub\assets\badges\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenoteapplist.targetsize-24_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\um_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\photossmalltile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\8577_40x40x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_neutral_resources.scale-150_8wekyb3d8bbwe\assets\iheart-radio.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\splashscreen\arkadiumlogo.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-files\js\nls\en-ae\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\google\chrome\application\81.0.4044.129\locales\am.pak svchost.exe File opened for modification C:\program files (x86)\windowspowershell\modules\pester\3.4.0\functions\assertions\belessthan.tests.ps1 svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\core\dev\nls\hu-hu\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\assets\getstartedapplist.targetsize-32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\images\stickers\sticker_ear.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.vclibs.140.00_14.0.24123.0_x86__8wekyb3d8bbwe\appxblockmap.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\place\rtl\contrast-black\medtile.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\rhp_icons.png svchost.exe File created C:\program files\common files\microsoft shared\ink\bg-bg\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\videolan\vlc\locale\co\lc_messages\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\assets\photoslogoextensions.targetsize-20.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\assets\getstartedapplist.targetsize-20_altform-unplated_contrast-black.png svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\buttons\undo\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowsapps\microsoft.office.onenote_2015.7668.58071.0_neutral_~_8wekyb3d8bbwe\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\2818_48x48x32.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\homebanner-3x.png svchost.exe File created C:\program files\videolan\vlc\locale\en_gb\lc_messages\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windows defender\fepunregister.mof svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\microsoftaccount.scale-180.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenotesectionmedtile.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\ly_16x11.png svchost.exe File created C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_neutral_resources.scale-150_8wekyb3d8bbwe\assets\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\common files\microsoft shared\stationery\softblue.jpg svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-modules-editor-mimelookup_zh_cn.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\embossbitmaps\no symbol_icon.png svchost.exe File created C:\program files\windowsapps\microsoft.net.native.runtime.1.3_1.3.23901.0_x64__8wekyb3d8bbwe\microsoft.system.package.metadata\autogen\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\1251_24x24x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenotesectionlargetile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\photosapplist.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\activity-badge\js\nls\en-il\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.docs_5.5.0.165303.jar svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.themes.nl_ja_4.4.0.v20140623020002.jar svchost.exe File created C:\program files\windowsapps\microsoft.microsoftofficehub_17.8010.5926.0_x64__8wekyb3d8bbwe\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\bq_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\mk_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxcalendarmediumtile.scale-400.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\desktop-connector-files\js\nls\tr-tr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\pages-app\css\main-selector.css svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_neutral_~_8wekyb3d8bbwe\appxsignature.p7x svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxcalendarapplist.targetsize-20.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxmailapplist.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxmailapplist.targetsize-72_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowssoundrecorder_10.1702.301.0_neutral_split.scale-200_8wekyb3d8bbwe\assets\voicerecorderapplist.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\logos\square44x44\paintapplist.targetsize-16_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\voicerecorderapplist.contrast-black_targetsize-30.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\appxblockmap.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\contrast-black\applist.targetsize-48_contrast-black.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\css\main-selector.css svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\images\themes\dark\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.util_1.0.500.v20130404-1337.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftstickynotes_1.4.101.0_neutral_~_8wekyb3d8bbwe\appxmetadata\appxbundlemanifest.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\models\en-gb.postaladdress.model svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\img\tools\@1x\themes\dark\[email protected] svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenotenotebookwidetile.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\s_filterselected-dark-down_32.svg svchost.exe File created C:\program files\videolan\vlc\locale\gd\lc_messages\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\alarmsapplist.contrast-black_targetsize-48_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-black\storeapplist.targetsize-40.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\add-account\images\themes\dark\icons_retina.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\exportpdfupsell-app\js\nls\da-dk\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer-select\js\nls\cs-cz\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-core_zh_cn.jar svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowscalculator_10.1702.312.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\calculatorapplist.contrast-white_scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.dailychallenges\assets\perfect\ribbon.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\sharpdxengine\rendering\shaders\builtin\hlsl\constantsperlightdata.fx svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_neutral_~_8wekyb3d8bbwe\appxsignature.p7x svchost.exe File created C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\large\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\work\widetile.scale-200.png svchost.exe File opened for modification C:\program files\windowspowershell\modules\pester\3.4.0\functions\assertions\should.ps1 svchost.exe File opened for modification C:\program files (x86)\windowspowershell\modules\pester\3.4.0\functions\testsrunningincleanrunspace.tests.ps1 svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weathericons\30x30\151.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_x64__8wekyb3d8bbwe\assets\contrast-black\peoplewidetile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxcalendarsplashlogo.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\assets\apptiles\storeapplist.targetsize-32_altform-unplated.png svchost.exe File opened for modification C:\program files\windowspowershell\modules\pester\3.4.0\functions\breakandcontinue.tests.ps1 svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sample-files\js\nls\tr-tr\ui-strings.js svchost.exe File opened for modification C:\program files\java\jre1.8.0_66\lib\security\trusted.libraries svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\home\ltr\largetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.xboxapp_25.25.13009.0_neutral_split.scale-200_8wekyb3d8bbwe\assets\gamesxboxhubbadgelogo.scale-200_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\large\swear.png svchost.exe File created C:\program files\java\jdk1.8.0_66\bin\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_neutral_split.scale-150_8wekyb3d8bbwe\assets\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\5613_32x32x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\backgroundaudio.winmd svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\homebanner-4x.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\apptiles\mapslargetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\contrast-white\oneconnectapplist.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\contrast-black\applist.targetsize-256_altform-unplated_contrast-black.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\aicuc\js\nls\pt-br\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\desktop-connector-files\js\nls\ja-jp\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\digsig\js\nls\root\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\videolan\vlc\locale\es\lc_messages\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\contrast-white\applist.targetsize-256_altform-unplated_contrast-white.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\home\js\nls\de-de\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.emf.common_2.10.1.v20140901-1043\meta-inf\manifest.mf svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\meta-inf\manifest.mf svchost.exe File created C:\program files\windowsapps\deletedalluserpackages\microsoft.zunevideo_10.16112.11601.0_neutral_resources.scale-125_8wekyb3d8bbwe\assets\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\howtoplay\freecell\control_10.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\place\ltr\medtile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-white\mapsapplist.targetsize-72.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\tracker\warning.gif svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\send-for-sign\js\nls\es-es\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4_default_winxp_blu.css svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\classic\classic_10h.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-recent-files\js\nls\ro-ro\ui-strings.js svchost.exe File created C:\program files\videolan\vlc\locale\kn\lc_messages\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\howtoplay\klondike\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\img\tools\themes\dark\x.cur svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\send-for-sign\js\nls\en-ae\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\uss-search\js\nls\eu-es\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\db\bin\startnetworkserver svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\helpicon_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\contrast-white\applist.targetsize-96_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\7834_32x32x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\assets\gamesxboxhubapplist.targetsize-40_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\resources\topicpage\directionalnavigation-1.0.0.0.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\favicon.ico svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-recent-files\js\nls\zh-cn\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_neutral_split.scale-150_8wekyb3d8bbwe\assets\starttile.dualsim2.sad.scale-150.png svchost.exe File created C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\assets\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorapplist.targetsize-96_altform-colorize.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\app\dev\nls\fi-fi\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\common files\system\msadc\en-us\msadcor.dll.mui svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.simpleconfigurator.manipulator_2.0.0.v20131217-1203.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\icons\star-club_icon.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\add-account\js\nls\ru-ru\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.jetty.security_8.1.14.v20131031.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\1249_20x20x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\contrast-black\oneconnectwidetile.scale-125.png svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\work\contrast-white\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\app-center\js\nls\zh-cn\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\google\chrome\application\81.0.4044.129\visualelements\smalllogodev.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\livetile\1px.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.dailychallenges\assets\perfect\ribbon_3.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\autumn\mask\11h.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\alarmsapplist.contrast-white_targetsize-80.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxmailapplist.scale-100.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\createpdfupsell-app\js\nls\sk-sk\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer\js\nls\ru-ru\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windows.photos_16.511.8780.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\photossmalltile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_x64__8wekyb3d8bbwe\tee\en-gb.calendar.model svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\images\printandshare\logo.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\acroapp\enu\compare_r_rhp.aapp svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\db\lib\derbylocale_de_de.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxcalendarsmalltile.scale-400.png svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\en-us\boxed-delete.avi svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\profiler\version.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\manifestassets\contrast-black\square44x44logo.targetsize-48_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_neutral_split.scale-100_kzf8qxf38zg5c\skypeapp\assets\splashscreen.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\md_16x11.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\resource\font\minionpro-it.otf svchost.exe File created C:\program files\windowsapps\microsoft.net.native.framework.1.3_1.3.24201.0_x86__8wekyb3d8bbwe\appxmetadata\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\small\cash.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\buildinfo.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxmailapplist.targetsize-64_altform-unplated.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\app-center\js\nls\ko-kr\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\assets\getstartedapplist.targetsize-30_altform-unplated_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\contrast-white\oneconnectsplashscreen.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\voicerecorderapplist.contrast-black_targetsize-256.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\s_comment_18.svg svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\desktop-connector-files\js\nls\en-ae\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\7-zip\lang\nb.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\7813_48x48x32.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\images\themeless\playstore\lv_get.svg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxcalendarapplist.targetsize-48_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxcalendarapplist.targetsize-48.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\livetiles\traffic.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxgameoverlay_1.15.2003.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\gamesxboxhubwidetile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\contrast-white\applist.targetsize-48_contrast-white.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\desktop-connector-files\js\nls\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\collections\contrast-black\medtile.scale-125_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weathericons\30x30\189.png svchost.exe File created C:\program files\windowsapps\microsoft.xboxspeechtotextoverlay_1.14.2002.0_x64__8wekyb3d8bbwe\appxmetadata\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\assets\images\avatar_default_large.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.equinox.p2.rcp.feature_1.2.0.v20140523-0116\meta-inf\manifest.mf svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxcalendarapplist.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxspeechtotextoverlay_1.14.2002.0_x64__8wekyb3d8bbwe\assets\gamesxboxhubsmalltile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\fileextension.targetsize-129.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\vc_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\place\contrast-black\widetile.scale-100.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\activity-badge\js\nls\nb-no\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\js\nls\pl-pl\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\audio\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windows.photos_16.511.8780.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\photoslargetile.scale-125.png svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\ipskor.xml svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\about.html svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\alarmsapplist.contrast-black_targetsize-30.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxspeechtotextoverlay_1.14.2002.0_x64__8wekyb3d8bbwe\assets\gamesxboxhublargetile.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\pdf-ownership-variant2.gif svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\pages-app\js\nls\es-es\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\xaml\onenote\sharemainpage.xaml svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\car\ltr\contrast-white\smalltile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\coreengine\data\3dbrush\round18-05.wts svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\car\rtl\contrast-white\smalltile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\facebookloginbutton.xbf svchost.exe File opened for modification C:\program files (x86)\windowspowershell\modules\pester\3.4.0\build.psake.ps1 svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-netbeans-core-multiview.xml svchost.exe File opened for modification C:\program files\repairstop.vdw svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\stopwatchwidetile.contrast-black_scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\car\rtl\largetile.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\signatures\images\s_thumbnailview_18.svg svchost.exe File created C:\program files\windows media player\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\assets\getstartedmedtile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\howtoplay\ingame_controls.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\video_offline_demo_page1_alternate.jpg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\task-handler\js\nls\nl-nl\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenotepagesmalltile.scale-400.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\hu_get.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sign-services-auth\js\nls\eu-es\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.apache.batik.util.gui_1.7.0.v200903091627.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.net.native.framework.1.3_1.3.24201.0_x86__8wekyb3d8bbwe\appxblockmap.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\voicerecorderapplist.contrast-white_targetsize-48.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\app-center\js\nls\fi-fi\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.addons.swt.nl_ja_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\embossbitmaps\triangle_icon.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\2818_20x20x32.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\s_listview_selected-hover.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\win8-scrollbar\arrow-down-pressed.gif svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\home\rtl\contrast-white\widetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenotewidetile.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-black\mapsapplist.targetsize-48.png svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\traffichub\contrast-black\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\assets\getstartedapplist.targetsize-64_altform-unplated_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\remove.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\js\nls\en-ae\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\resource\font\myriadpro-bold.otf svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windows.photos_16.511.8780.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\photosapplist.contrast-black_scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenotesectiongrouplargetile.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorapplist.targetsize-32_altform-unplated_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\exchangelargetile.scale-100.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\pages-app\images\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\7-zip\lang\hi.txt svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\en-us\rtscom.dll.mui svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\manifestassets\icon.targetsize-16.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftofficehub_2017.311.255.0_neutral_~_8wekyb3d8bbwe\appxmetadata\appxbundlemanifest.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\small\cat.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\assets\photosapplist.targetsize-20_altform-unplated.png svchost.exe File opened for modification C:\program files (x86)\google\chrome\application\81.0.4044.129\locales\pt-pt.pak svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\alarmssplashscreen.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowssoundrecorder_10.1702.301.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\voicerecordersplashscreen.contrast-black_scale-125.png svchost.exe File created C:\program files\windowsapps\microsoft.people_10.1.10531.0_neutral_split.scale-125_8wekyb3d8bbwe\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\images\ratings\yelp10.scale-200.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\app\dev\nls\en-gb\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-files\js\plugin.js svchost.exe File opened for modification C:\program files\7-zip\lang\kaa.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.e4.ui.model.workbench_1.1.0.v20140512-1820.jar svchost.exe File opened for modification C:\program files\java\jre1.8.0_66\bin\javacpl.cpl svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\tournament\scoretrophy.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\assets\windowsicons\windowscameraapplist.targetsize-60_altform-unplated_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxcalendarapplist.targetsize-60.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\desktop-connector-files\js\nls\de-de\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\db\lib\derbylocale_zh_tw.jar svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\place\contrast-black\largetile.scale-125.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\plug_ins\annotations\stamps\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\pages-app\js\nls\nl-nl\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\msbuild\microsoft\windows workflow foundation\v3.0\workflow.targets svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.browser.ja_5.5.0.165303.jar svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\place\ltr\smalltile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_x64__8wekyb3d8bbwe\appxmanifest.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\work\contrast-white\medtile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\voicerecorderlogoextensions.targetsize-64.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\images\stickers\thumbnails\sticker_icon_wood.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weathericons\30x30\63.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\contrast-white\apppackageapplist.targetsize-30_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\content\desktop\en-us\toc.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\timecontrols.winmd svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.apache.batik.css_1.7.0.v201011041433.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_neutral_resources.scale-150_8wekyb3d8bbwe\appxblockmap.xml svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.frameworkadmin_2.0.100.v20131209-2144.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\gameplayassets\localization\localized_th-th.respack svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\alarmsapplist.targetsize-48.png svchost.exe File opened for modification C:\program files\windowspowershell\modules\packagemanagement\1.0.0.1\packagemanagement.psd1 svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\exportpdfupsell-app\js\nls\ro-ro\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weathericons\30x30\204.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\car\ltr\contrast-white\smalltile.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\plug_ins\annotations\stamps\words.pdf svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\task-handler\js\nls\es-es\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\viewer\nls\fi-fi\ui-strings.js svchost.exe File opened for modification C:\program files\completeunpublish.mpeg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxa-googlecloudcache-dark.scale-140.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\viewer\nls\fr-fr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.help.webapp.nl_ja_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\awards\spider\2_piece_silk_suit_unearned_small.png svchost.exe File opened for modification C:\program files (x86)\common files\system\ado\msador28.tlb svchost.exe File created C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\spacer\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\content\desktop\en-gb\doc_offline_getconnected.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\content\desktop\en-us\doc_offline_narrator.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\logos\wide310x150\paintwidetile.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.net.native.framework.1.3_1.3.24201.0_x86__8wekyb3d8bbwe\appxmetadata\codeintegrity.cat svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_x64__8wekyb3d8bbwe\assets\peopleapplist.targetsize-16.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\large\wondering.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\contrast-white\applist.targetsize-96_altform-unplated_contrast-white.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\digsig\images\s_radio_selected_18.svg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\assets\insiderhubapplist.targetsize-256.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\contrast-white\applist.targetsize-24_contrast-white.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\plug_ins\dropboxstorage.api svchost.exe File opened for modification C:\program files\videolan\vlc\locale\co\lc_messages\vlc.mo svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\2_20x20x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\contrast-black\applist.targetsize-48_altform-unplated_contrast-black.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer-select\js\nls\tr-tr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\1938_48x48x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\6440_40x40x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\fk_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxmailapplist.targetsize-20.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\car\rtl\contrast-black\smalltile.scale-200.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\jre\lib\deploy\messages_it.properties svchost.exe File opened for modification C:\program files\windows media player\en-us\wmlaunch.exe.mui svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\place\smalltile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\small\talking.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorapplist.targetsize-256_altform-fullcolor.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\home\contrast-white\largetile.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\files\dev\nls\hr-hr\ui-strings.js svchost.exe File opened for modification C:\program files\msbuild\microsoft\windows workflow foundation\v3.0\workflow.visualbasic.targets svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\fonts\bhaimdl2.1.84.ttf svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\video_offline_demo_page2.jpg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\s_checkbox_partialselected-default_18.svg svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.forms.nl_zh_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\howtoplay\spider\goal_40.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\images\stickers\thumbnails\sticker_icon_cloud.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\fk_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\tn_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\alarmsapplist.contrast-white_targetsize-24_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\apptiles\mapsstorelogo.scale-100.png svchost.exe File created C:\program files\windowsapps\deletedalluserpackages\microsoft.zunevideo_10.16112.11601.0_neutral_resources.scale-200_8wekyb3d8bbwe\assets\contrast-white\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenoteapplist.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\apptiles\contrast-white\mapsbadgelogo.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sample-files\js\nls\fi-fi\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\jre\lib\fonts\lucidatypewriterbold.ttf svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\notificationsextensions.winmd svchost.exe File created C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\1949_20x20x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\assets\gamesxboxhubwidetile.scale-100_contrast-high.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\app-center\js\nls\tr-tr\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\meta-inf\manifest.mf svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.core.commands.nl_ja_4.4.0.v20140623020002.jar svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\desktop-connector-files\js\nls\da-dk\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-files\images\themes\dark\icons_ie8.gif svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\db\bin\dblook.bat svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windows.photos_16.511.8780.0_neutral_split.scale-125_8wekyb3d8bbwe\lumia.viewerplugin\assets\iconopeninrefocus.contrast-white_scale-125.png svchost.exe File created C:\program files\windowsapps\deletedalluserpackages\microsoft.zunevideo_10.16112.11601.0_neutral_resources.scale-200_8wekyb3d8bbwe\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\tracker\tl.gif svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\app-center\js\nls\root\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\com.jrockit.mc.feature.flightrecorder_5.5.0.165303\feature.xml svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.e4.ui.services.nl_ja_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.zunemusic_10.16112.11621.0_neutral_resources.scale-200_8wekyb3d8bbwe\assets\contrast-white\largelogo.scale-200_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\fues\close_button_over.jpg svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer\js\nls\uk-ua\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\send-for-sign\js\nls\sl-si\ui-strings.js svchost.exe File opened for modification C:\program files\windows photo viewer\en-us\imagingdevices.exe.mui svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenotepagewidetile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\office365logowlockup.scale-180.png svchost.exe File created C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\images\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\small\bandit.png svchost.exe File opened for modification C:\program files (x86)\common files\microsoft shared\stationery\stars.jpg svchost.exe File created C:\program files (x86)\windowspowershell\modules\microsoft.powershell.operation.validation\1.0.1\test\modules\example1.diagnostics\diagnostics\simple\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\apptiles\mapsstorelogo.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\place\rtl\contrast-white\widetile.scale-200.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\js\nls\hr-hr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\assets\images\pish_placeholder_small.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\ob-preview\js\nls\root\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\manifestassets\contrast-black\square44x44logo.targetsize-16_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\voicerecorderapplist.targetsize-96.png svchost.exe File opened for modification C:\program files (x86)\windows nt\tabletextservice\tabletextservicetigrinya.txt svchost.exe File opened for modification C:\program files\videolan\vlc\lua\meta\reader\filename.luac svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\gl_16x11.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sign-services-auth\js\nls\fr-fr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\howtoplay\klondike\tips_3.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\genericmailbadge.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\unified-share\js\nls\nb-no\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.starclub\assets\glow.png svchost.exe File opened for modification C:\program files\windowspowershell\modules\pester\3.4.0\snippets\shouldmatch.snippets.ps1xml svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\files\dev\nls\de-de\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer-select\js\nls\en-il\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.1.25002.0_neutral_~_8wekyb3d8bbwe\appxmetadata\appxbundlemanifest.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenoteapplist.targetsize-54_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxa-advanced-dark.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxcalendarapplist.targetsize-36_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\contrast-white\applist.targetsize-36_contrast-white.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\s_sortedby_18.svg svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\editpdf\js\nls\sl-si\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\send-for-sign\js\selector.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\walk-through\images\themes\dark\close.svg svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\fsdefinitions\main\ko-kr.xml svchost.exe File created C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\content\mobile\en-us\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxaccountssplashlogo.scale-100.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\createpdfupsell-app\js\nls\hu-hu\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\files\dev\nls\de-de\ui-strings.js svchost.exe File created C:\program files\java\jdk1.8.0_66\lib\visualvm\visualvm\core\locale\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\apptiles\contrast-white\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\home\widetile.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sign-services-auth\js\nls\en-il\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\outlookmailwidetile.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\car\rtl\contrast-black\smalltile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\collections\contrast-white\largetile.scale-100_contrast-white.png svchost.exe File created C:\program files\windowsapps\microsoft.xboxspeechtotextoverlay_1.14.2002.0_x64__8wekyb3d8bbwe\assets\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\manifestassets\icon.targetsize-48.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\5941_24x24x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\assets\getstartedapplist.targetsize-72_altform-unplated_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\store\storesimulatorproxy.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftstickynotes_1.4.101.0_neutral_split.scale-125_8wekyb3d8bbwe\resources.pri svchost.exe File opened for modification C:\program files\windowsapps\microsoft.wallet_1.0.16328.0_x64__8wekyb3d8bbwe\js\startup.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\alarmsapplist.targetsize-36.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\assets\icons\icon_play_prs.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxmailapplist.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\_resources\index.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\editpdf\js\nls\ko-kr\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.help.ui.nl_ja_4.4.0.v20140623020002.jar svchost.exe File created C:\program files\java\jre1.8.0_66\lib\deploy\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\apppackageapplist.targetsize-256.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.net.native.runtime.1.4_1.4.24201.0_x86__8wekyb3d8bbwe\appxblockmap.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxmailapplist.targetsize-60_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\outlookmailmediumtile.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxa-generic-dark.scale-300.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\telemetryrules\hxcalendarappimm.exe_rules.xml svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\editpdf\js\nls\nb-no\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.vclibs.140.00_14.0.24123.0_x86__8wekyb3d8bbwe\appxmetadata\codeintegrity.cat svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\apptiles\storesmalltile.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\s_reject_18.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\activity-badge\js\plugin.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\howtoplay\spider\control_1.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\outlookmailbadge.scale-125.png svchost.exe File created C:\program files (x86)\common files\microsoft shared\vsta\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowssoundrecorder_10.1702.301.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\voicerecorderwidetile.contrast-black_scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\home\largetile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\bg5.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\models\de-de.mail.config svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\fileextension.targetsize-63.png svchost.exe File created C:\program files\windowspowershell\modules\packagemanagement\1.0.0.1\en\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer-select\js\nls\zh-cn\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\upsell.png svchost.exe File opened for modification C:\program files (x86)\windowspowershell\modules\pester\3.4.0\functions\testresults.ps1 svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\small\emo.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxa-yahoo-light.scale-200.png svchost.exe File created C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\appxmetadata\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\videolan\vlc\locale\uz\lc_messages\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\fues\popup_shadow_3_2bp.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\uppremium.jpg svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\css\blafdoc.css svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\appxsignature.p7x svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\gameplayassets\particles\cardbounce.respack svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\resources.pri svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\contrast-black\applist.targetsize-80_altform-unplated_contrast-black.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\plug_ins\pddom.api svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\reviews\js\nls\zh-tw\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\s_selectlist_checkmark_18.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer\images\bg_pattern_rhp.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\edit-pdf-2x.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.dailychallenges\assets\bronze_badge_earned.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\dailychallenges\popup\completedallchallenges_1_solitaire.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\3838_32x32x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxmailapplist.targetsize-24_altform-unplated.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\reviews\js\nls\en-il\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-modules-autoupdate-ui_ja.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_neutral_split.scale-180_8wekyb3d8bbwe\assets\office\planecutkeeptop.scale-180.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\classic\mask\mask_corners.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\6478_40x40x32.png svchost.exe File opened for modification C:\program files (x86)\windowspowershell\modules\pester\3.4.0\functions\assertions\pesterthrow.ps1 svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\jre\lib\deploy\[email protected] svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\pages-app\js\nls\ja-jp\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-modules-editor-mimelookup_ja.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\cubetile_contrast-white.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\add-account\images\themes\dark\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\videolan\vlc\locale\ta\lc_messages\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\5601_48x48x32.png svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\fr-ca\tipresx.dll.mui svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\autumn\autumn_background.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\assets\photossmalltile.contrast-white_scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxcalendarapplist.targetsize-36_altform-unplated.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-host-views_zh_cn.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\buttons\tryagain\tryagain-press.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\gameend\endgame_yellow_up.png svchost.exe File created C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\logos\square150x150\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-files\js\nls\sk-sk\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.osgi.compatibility.state_1.0.1.v20140709-1414.jar svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\org-netbeans-modules-javahelp.jar svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\en-us\join.avi svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\jre\lib\deploy.jar svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.jetty.io_8.1.14.v20131031.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\manifestassets\contrast-white\square310x310logo.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\976_40x40x32.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\title.htm svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-netbeans-lib-uihandler.xml svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\profiler\modules\org-netbeans-modules-profiler-utilities.jar svchost.exe File created C:\program files\windowsapps\microsoft.people_10.1.10531.0_x64__8wekyb3d8bbwe\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_neutral_split.scale-100_kzf8qxf38zg5c\skypeapp\assets\skypeapplist.scale-100_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\assets\getstartedapplist.targetsize-24_altform-unplated_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenotepagesmalltile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\home\rtl\contrast-white\smalltile.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\desktop-connector-files\js\nls\en-ae\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windows.photos_16.511.8780.0_neutral_split.scale-125_8wekyb3d8bbwe\lumia.viewerplugin\assets\iconopenincinemagraph.scale-125.png svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxcalendarmediumtile.scale-150.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\pages-app\js\nls\es-es\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\3899_20x20x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\large\flower.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\appxmanifest.xml svchost.exe File created C:\program files\videolan\vlc\lua\meta\reader\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\3490_48x48x32.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\conticon.gif svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weathericons\30x30\50.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\7989_32x32x32.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\search-summary\js\nls\sl-sl\ui-strings.js svchost.exe File opened for modification C:\program files\enterlock.pps svchost.exe File created C:\program files\windowsapps\microsoft.microsoftofficehub_2017.311.255.0_neutral_~_8wekyb3d8bbwe\appxmetadata\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxa-googlecloudcache-dark.scale-140.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\activity-badge\js\nls\sk-sk\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\autumn\mask\13h.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\win-scrollbar\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weathericons\30x30\30.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\contrast-white\oneconnectmedtile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\assets\photosapplist.contrast-black_scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxmailbadge.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\ee_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\apptiles\contrast-black\mapsmedtile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\work\contrast-white\widetile.scale-100.png svchost.exe File opened for modification C:\program files\videolan\vlc\lua\http\dialogs\stream_config_window.html svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\buttons\deal\new-deal-press.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\jumbo\mask\1h.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\insiderhubsmalltile.scale-100_contrast-black.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\win-scrollbar\hscroll-thumb.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\aicuc\js\nls\de-de\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\js\nls\eu-es\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-recent-files\js\nls\ko-kr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-tools.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\linkedinboxlargetile.scale-100.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-openide-compat_ja.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxcalendarsplashlogo.scale-300.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\place\contrast-black\smalltile.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer\js\nls\sk-sk\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\localized_images\tr-tr\appstore_icon.svg svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\fsdefinitions\main\base_jpn.xml svchost.exe File opened for modification C:\program files\videolan\vlc\lua\http\js\ui.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\apppackagemedtile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\alarmsapplist.contrast-black_targetsize-48.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\signatures\css\main.css svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\lib\locale\org-openide-modules_ja.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\10911_40x40x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_x64__8wekyb3d8bbwe\assets\sounds\unlink_contact.wav svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\resources.pri svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\placeholder.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\editpdf\js\nls\ja-jp\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\google\chrome\application\81.0.4044.129\locales\en-gb.pak svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\fsdefinitions\oskmenu.xml svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-modules-favorites_zh_cn.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxmaillargetile.scale-125.png svchost.exe File opened for modification C:\program files\java\jre1.8.0_66\lib\ext\jfxrt.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.starclub\assets\badges\newcollection.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\exchangesmalltile.scale-125.png svchost.exe File opened for modification C:\program files\common files\microsoft shared\stationery\roses.jpg svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.zunevideo_10.16112.11601.0_neutral_resources.scale-125_8wekyb3d8bbwe\assets\movie-tvstorelogo.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\contrast-black\apppackageapplist.targetsize-40_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\contrast-white\oneconnectlargetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\exchangesmalltile.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\assets\folder.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-black\mapsstorelogo.scale-200.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-modules-sampler_zh_cn.jar svchost.exe File created C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\resources\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\large\evilgrin.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\telemetryrules\hxmail.exe_rules.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\autumn\mask\mask_corners.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenotesectiongrouplargetile.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\large\cool.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\alarmslargetile.contrast-white_scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\9434_24x24x32.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\pt-br_get.svg svchost.exe File created C:\program files\videolan\vlc\locale\sk\lc_messages\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.zunevideo_10.16112.11601.0_neutral_resources.scale-125_8wekyb3d8bbwe\appxsignature.p7x svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\3416_48x48x32.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\activity-badge\js\nls\fr-fr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\aicuc\js\plugins\rhp\exportpdf-rna-selector.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\cameraicon_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\assets\icons\icon_done.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\home\css\main-selector.css svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer\js\nls\pl-pl\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\videolan\vlc\locale\id\lc_messages\vlc.mo svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenotemediumtile.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\6449_40x40x32.png svchost.exe File created C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\resources\retaildemo\data\en-us\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenotepagewidetile.scale-150.png svchost.exe File opened for modification C:\program files\7-zip\lang\pa-in.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\apppackagebadgelogo.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\core\dev\nls\sv-se\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\apppackageapplist.targetsize-16_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenotesectiongrouplargetile.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_neutral_split.scale-100_8wekyb3d8bbwe\appxblockmap.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\ky_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\microsoft.xbox.services.winmd svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\7260_24x24x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenotesectionwidetile.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\fr_16x11.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer\js\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-openide-execution_zh_cn.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\exchangelargetile.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\place\largetile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\contrast-black\applist.targetsize-60_altform-unplated_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\images\stickers\thumbnails\sticker_icon_diamond.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\assets\gamesxboxhubapplist.targetsize-20_contrast-white.png svchost.exe File opened for modification C:\program files (x86)\windowspowershell\modules\pester\3.4.0\functions\describe.ps1 svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.publisher.eclipse_1.1.200.v20140414-0825.jar svchost.exe File created C:\program files\mozilla firefox\gmp-clearkey\0.1\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_neutral_split.scale-100_8wekyb3d8bbwe\appxmanifest.xml svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\home\js\nls\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\vg_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\contrast-black\apppackagemedtile.scale-125_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\insiderhublargetile.scale-100_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\contrast-black\applist.targetsize-72_altform-unplated_contrast-black.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\win8-scrollbar\themes\dark\arrow-down.gif svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\7357_24x24x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.vclibs.140.00_14.0.24123.0_x86__8wekyb3d8bbwe\logo.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\assets\insiderhubapplist.targetsize-96_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\apptiles\mapsapplist.targetsize-60.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\localized_images\ko-kr\appstore_icon.svg svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\bookicon.gif svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.zunevideo_10.16112.11601.0_neutral_resources.scale-200_8wekyb3d8bbwe\assets\splashscreen.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_x64__8wekyb3d8bbwe\assets\contrast-black\peopleapplist.targetsize-40.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxmailapplist.targetsize-72.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\voicerecorderapplist.targetsize-36.png svchost.exe File opened for modification C:\program files\videolan\vlc\locale\ps\lc_messages\vlc.mo svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_neutral_split.scale-180_8wekyb3d8bbwe\assets\office\projectioncylindric.scale-180.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\3899_48x48x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxa-outlook.scale-300.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\signatures\js\nls\tr-tr\ui-strings.js svchost.exe File opened for modification C:\program files\common files\microsoft shared\clicktorun\clientcapabilities.json svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\app-center\js\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\place\ltr\contrast-black\medtile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\assets\getstartedapplist.targetsize-32_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\windowsphonereservedappinfo.xml svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\file_types\s_shared_multi_filetype.svg svchost.exe File created C:\program files\reference assemblies\microsoft\framework\v3.0\redistlist\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\livetiles\microsoftsolitaireapplist.targetsize-36_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\assets\photoslogoextensions.targetsize-256.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxcalendarbadge.scale-150.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\send-for-sign\js\nls\fr-fr\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\images\illustrations_retina.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.browser.zh_cn_5.5.0.165303.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\logos\storelogo\paintapplist.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\mh_60x42.png svchost.exe File opened for modification C:\program files\windowspowershell\modules\pester\3.4.0\functions\assertions\pesterthrow.ps1 svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\download_on_the_app_store_badge_en_135x40.svg svchost.exe File opened for modification C:\program files (x86)\google\chrome\application\81.0.4044.129\chrome.exe.sig svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_zh_4.4.0.v20140623020002\about.html svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\timerwidetile.scale-100.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\app\dev\nls\en-il\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\artifacts.xml svchost.exe File opened for modification C:\program files\windows media player\network sharing\wmpnss_color48.png svchost.exe File created C:\program files\videolan\vlc\locale\nn\lc_messages\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\10912_24x24x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\offsym.ttf svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\apptiles\contrast-white\storewidetile.scale-100.png svchost.exe File opened for modification C:\program files\videolan\vlc\locale\vi\lc_messages\vlc.mo svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenotenotebookmedtile.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\tt_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\10290_40x40x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxa-generic-light.scale-300.png svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\appcore\location\shifter\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\windowspowershell\modules\pester\3.4.0\functions\globalmock-a.tests.ps1 svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\buttons\deal\new-deal-over.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\buttons\giveup\giveup-up.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\de_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\linkedinboxsmalltile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\assets\getstartedapplist.targetsize-60_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\swipeteachingcalloutimage.layoutdir-ltr.gif svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\collections\contrast-black\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\home\images\themes\dark\icons_ie8.gif svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\fsdefinitions\oskpred\oskpredbase.xml svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\zh-tw\tipresx.dll.mui svchost.exe File opened for modification C:\program files\common files\microsoft shared\stationery\stars.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\fireworks\fireworks2.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\logos\square150x150\paintmedtile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\small\giggle.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\contrast-white\applist.targetsize-72_altform-unplated_contrast-white.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\add-account\js\nls\eu-es\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\videolan\vlc\authors.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\voicerecorderstorelogo.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\search-summary\js\nls\ja-jp\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-black\weather_tilelargesquare.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\livetile\w0.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sample-files\js\nls\pl-pl\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\starclub\new_collection_available.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\apptiles\contrast-white\storelargetile.scale-100.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\search-summary\js\nls\fr-fr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\profiler\update_tracking\org-netbeans-lib-profiler-common.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenotenotebookmedtile.scale-400.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\app-center\js\nls\ru-ru\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\sv_get.svg svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.xboxapp_25.25.13009.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\gamesxboxhubwidetile.scale-125.png svchost.exe File created C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\assets\navigationicons\nav_icons_achievements.targetsize-48.png svchost.exe File created C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\home\contrast-white\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\2475_48x48x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\apptiles\contrast-white\mapsstorelogo.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\signatures\js\nls\it-it\ui-strings.js svchost.exe File created C:\program files\videolan\vlc\locale\ca\lc_messages\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\contrast-white\apppackageapplist.targetsize-256_altform-unplated_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\appxblockmap.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\_resources\3.rsrc svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\exchangewidetile.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\work\ltr\contrast-white\widetile.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\core\dev\nls\ru-ru\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_x64__8wekyb3d8bbwe\assets\contrast-white\oneconnectapplist.targetsize-32.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\resource\typesupport\unicode\mappings\win\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jre1.8.0_66\lib\images\cursors\invalid32x32.gif svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\texturebitmaps\brmarble.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\coreengine\data\3dbrush\round18.brush svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\2_32x32x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenoteapplist.scale-150.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\exportpdfupsell-app\js\nls\de-de\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\signatures\images\themes\dark\cstm_brand_preview.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_neutral_split.scale-125_8wekyb3d8bbwe\appxmanifest.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\microsoft.system.package.metadata\resources.d3ad3041.pri svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\work\rtl\contrast-black\smalltile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.starclub\assets\star-club-button_gold.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\logos\square310x310\paintlargetile.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenotesectiongroupsmalltile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxa-googlecloudcache-light.scale-240.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\localized_images\cs-cz\playstore_icon.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\th_get.svg svchost.exe File opened for modification C:\program files\7-zip\lang\lv.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoft3dviewer_1.1702.21039.0_neutral_~_8wekyb3d8bbwe\appxblockmap.xml svchost.exe File opened for modification C:\program files\videolan\vlc\lua\http\css\main.css svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\generic-rhp-app\images\themes\dark\rhp_world_icon_hover_2x.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenotepagewidetile.scale-200.png svchost.exe File opened for modification C:\program files (x86)\windowspowershell\modules\pester\3.4.0\functions\globalmock-b.tests.ps1 svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\western\mask\12s.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_x64__8wekyb3d8bbwe\assets\contrast-white\peopleapplist.targetsize-32.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer-select\js\nls\ru-ru\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.zunevideo_10.16112.11601.0_neutral_resources.scale-125_8wekyb3d8bbwe\assets\contrast-black\largelogo.scale-125_contrast-black.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\send-for-sign\js\nls\en-il\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themedownload\button_pause.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\assets\photosapplist.targetsize-36_altform-colorize.png svchost.exe File created C:\program files\windowsapps\microsoft.xboxgameoverlay_1.15.2003.0_x64__8wekyb3d8bbwe\appxmetadata\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_2015.7668.58071.0_neutral_~_8wekyb3d8bbwe\appxmetadata\appxbundlemanifest.xml svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\localized_images\en-us\appstore_icon.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\unified-share\images\themes\dark\addressbook.png svchost.exe File created C:\program files\java\jdk1.8.0_66\lib\missioncontrol\configuration\org.eclipse.update\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\videolan\vlc\locale\pl\lc_messages\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\coreengine\data\brushprofile\trailmask.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\s_invite_18.svg svchost.exe File opened for modification C:\program files (x86)\windowspowershell\modules\pester\3.4.0\functions\mock.ps1 svchost.exe File opened for modification C:\program files\7-zip\lang\va.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\peoplewidetile.scale-100.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\add-account\js\nls\ru-ru\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\app-center\js\nls\sk-sk\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\editpdf\js\nls\uk-ua\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.skypeapp_11.8.204.0_neutral_split.scale-125_kzf8qxf38zg5c\skypeapp\assets\images\image_placeholder.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weathericons\30x30\6.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\howtoplay\pyramid\goal_4.jpg svchost.exe File created C:\program files\windowspowershell\modules\psreadline\1.2\en\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.zunevideo_10.16112.11601.0_neutral_resources.scale-125_8wekyb3d8bbwe\assets\smalllogo.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\workflow\icon_advanced layout.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorapplist.targetsize-256_altform-colorize.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\search-summary\css\main.css svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenotepagelargetile.scale-200.png svchost.exe File created C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\photosapp\assets\thirdpartynotices\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\common files\microsoft shared\stationery\greenbubbles.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\howtoplay\tripeaks\tips_1.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftstickynotes_1.4.101.0_x64__8wekyb3d8bbwe\_resources\3.rsrc svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxmailapplist.targetsize-36.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\resource\font\courierstd-oblique.otf svchost.exe File opened for modification C:\program files (x86)\windowspowershell\modules\pester\3.4.0\functions\assertions\begreaterthan.tests.ps1 svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxcalendarwidetile.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\assets\insiderhubapplist.targetsize-80_altform-unplated.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\localized_images\zh-tw\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoft3dviewer_1.1702.21039.0_x64__8wekyb3d8bbwe\assets\images\tiles\wide310x150logo.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxmailsmalltile.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\app-center\js\nls\uk-ua\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\common files\microsoft shared\vsto\vstoee100.tlb svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.updatechecker.nl_zh_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.jface.text_3.9.1.v20140827-1810.jar svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\dark\e4-dark_preferencestyle.css svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-openide-dialogs_ja.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\en-us\ct_roots.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\video_offline_demo_page1.jpg svchost.exe File created C:\program files\videolan\vlc\locale\sr\lc_messages\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenotesectionsmalltile.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\ph_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\gp_16x11.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\digsig\js\nls\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sign-services-auth\js\nls\tr-tr\ui-strings.js svchost.exe File opened for modification C:\program files\videolan\vlc\locale\th\lc_messages\vlc.mo svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.zunevideo_10.16112.11601.0_neutral_resources.scale-200_8wekyb3d8bbwe\assets\contrast-white\widelogo.scale-200_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\xaml\onenote\htmlviewer.xaml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxcalendarapplist.targetsize-40.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\work\rtl\contrast-white\medtile.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\reduced_mode.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.win32.win32.x86_64.nl_zh_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\logos\splashscreen\paintsplashscreen.scale-150.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\file_types\themes\dark\aic_file_icons.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\home\widetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\aquarium\mask\11s.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\calculatorwidetile.contrast-white_scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\unified-share\images\s_close2x.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_x64__8wekyb3d8bbwe\peopleutilrt.winmd svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_neutral_split.scale-100_8wekyb3d8bbwe\lumia.viewerplugin\assets\iconeditrichcapture.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\assets\icons\icon_play_nor.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxmailapplist.targetsize-36.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-openide-util-enumerations_ja.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weatherimages\210x173\7.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\contrast-white\apppackagemedtile.scale-200_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\images\radialcontrol\tiltup_e809_hc_black_64x64.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\include\jni.h svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\3569_24x24x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\5666_24x24x32.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer\js\nls\zh-cn\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\reviews\js\nls\eu-es\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\car\rtl\contrast-white\widetile.scale-125.png svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\ipsjpn.xml svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.equinox.p2.core.feature_1.3.0.v20140523-0116\meta-inf\eclipse_.sf svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\awards\common\first_one’s_free_unearned_small.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenotewidetile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\mq_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\models\url.model svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\microsoft.system.package.metadata\s-1-5-21-1231583446-2617009595-2137880041-1000-mergedresources-0.pri svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\fb_blank_profile_portrait.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\acroapp\enu\combine_r_rhp.aapp svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoft3dviewer_1.1702.21039.0_x64__8wekyb3d8bbwe\_resources\1.rsrc svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\s_forward_18.svg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\catalog\catalog.json svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenotesectiongroupsmalltile.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\un_60x42.png svchost.exe File opened for modification C:\program files\windowspowershell\modules\pester\3.4.0\snippets\shouldcontain.snippets.ps1xml svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sign-services-auth\js\nls\cs-cz\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\images\themes\dark\dd_arrow_small2x.png svchost.exe File opened for modification C:\program files (x86)\windows mail\en-us\winmail.exe.mui svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\fileicons\filelogoextensions.targetsize-40.png svchost.exe File created C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\lumia.apptk.nativedirect3d.uap\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\welcomecardrdr.png svchost.exe File created C:\program files\videolan\vlc\plugins\mux\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_x64__8wekyb3d8bbwe\tee\en-us.postaladdress.ot svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\western\mask\11c.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenotenotebookmedtile.scale-400.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-recent-files\js\nls\hu-hu\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\images\core_icons_retina.png svchost.exe File opened for modification C:\program files\java\jre1.8.0_66\lib\deploy.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenotesectionsmalltile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\home\rtl\contrast-white\largetile.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\el_get.svg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\alarmsapplist.contrast-white_targetsize-32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxa-advanced-light.scale-300.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\search-summary\js\nls\ko-kr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\7336_48x48x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\exchangewidetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\collections\medtile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\work\ltr\contrast-black\medtile.scale-200.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sample-files\js\nls\it-it\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorapplist.targetsize-40_altform-unplated_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\appxsignature.p7x svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\s_download_18.svg svchost.exe File opened for modification C:\program files\java\jre1.8.0_66\lib\meta-index svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.xboxapp_25.25.13009.0_neutral_split.scale-200_8wekyb3d8bbwe\assets\gamesxboxhubwidetile.scale-200_contrast-high.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\worldclocklargetile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\work\rtl\largetile.scale-100.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\org-netbeans-lib-uihandler.jar svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\home\ltr\contrast-white\widetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\assets\windowsicons\windowscameraapplist.targetsize-40.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\sendforsignature.svg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\logos\splashscreen\paintsplashscreen.scale-100.png svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\en-us\ipseventlogmsg.dll.mui svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowscalculator_10.1702.312.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\calculatorsmalltile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\apppackagelargetile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\sharpdxengine\rendering\shaders\builtin\bin\lightedtextured_pixellighting_ps.fxo svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\acrocef\locales\en-us.pak svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxa-advanced-light.scale-125.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\app-center\js\nls\de-de\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\readme.htm svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\en-us\tiptsf.dll.mui svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.xboxapp_25.25.13009.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\gamesxboxhubstorelogo.scale-125_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\outlookmailsmalltile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\classic\mask\1s.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenotepagemedtile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\car\ltr\widetile.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\images\themeless\appstore\download_on_the_app_store_badge_ru_135x40.svg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\9434_20x20x32.png svchost.exe File opened for modification C:\program files\common files\microsoft shared\stationery\peacock.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weathericons\30x30\173.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\3416_20x20x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\assets\windowsicons\windowscameraapplist.targetsize-72_altform-unplated_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\exchangelargetile.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\storeratingpromotion.winmd svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\contrast-white\apppackageapplist.targetsize-32_altform-unplated_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\assets\getstartedwidetile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\genericmailbadge.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxcalendarapplist.targetsize-64_altform-unplated.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\unified-share\images\info2x.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\xboxservices.config svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\core\dev\nls\pl-pl\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\localized_images\it-it\appstore_icon.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\uss-search\js\nls\ko-kr\ui-strings.js svchost.exe File opened for modification C:\program files\7-zip\lang\mng2.txt svchost.exe File opened for modification C:\program files\java\jre1.8.0_66\lib\images\cursors\cursors.properties svchost.exe File opened for modification C:\program files\videolan\vlc\lua\http\css\ui-lightness\images\ui-bg_flat_10_000000_40x100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\fm_16x11.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\combinepdf\js\nls\sl-si\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\awards\pyramid\theres_a_timed-mode_.png svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\gameplayassets\pyramid\respacks\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themepreview\cardbacks\spider.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\5034_48x48x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\alarmsapplist.contrast-white_targetsize-64_altform-unplated.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\add-account\js\nls\en-il\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\plug_ins3d\2d.x3d svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\multi-tab-file-view.png svchost.exe File created C:\program files (x86)\common files\services\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\common files\microsoft shared\clicktorun\appvclient.man svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\workflow\navcolumn_black\icon_quality.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weatherimages\210x173\32.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.xaml.toolkit\assets\microsoftlogo.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\awards\challenge\marathon_unearned_small.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\uithemes\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\reviews\js\nls\eu-es\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\search-summary\js\nls\zh-tw\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-openide-windows.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\10146_40x40x32.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\add-account\js\nls\it-it\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\beach\beach_11c.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\alarmsapplist.contrast-white_targetsize-32_altform-unplated.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\js\nls\en-ae\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\howtoplay\pyramid\goal_2.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\sr_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\assets\gamesxboxhubmedtile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\microsoft.system.package.metadata\resources.dba79ab6.pri svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_neutral_split.scale-125_8wekyb3d8bbwe\appxsignature.p7x svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\content\surfacehub\en-us\toc.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\10178_32x32x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\voicerecorderapplist.contrast-white_targetsize-48_altform-unplated.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer-select\js\nls\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-utilities_zh_cn.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\images\stickers\thumbnails\sticker_icon_dognose.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxmailbadge.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_neutral_resources.scale-150_8wekyb3d8bbwe\appxblockmap.xml svchost.exe File created C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\car\ltr\contrast-black\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.xboxapp_25.25.13009.0_neutral_split.scale-200_8wekyb3d8bbwe\assets\gamesxboxhublargetile.scale-200_contrast-high.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\manifestassets\contrast-white\square44x44logo.targetsize-48_altform-unplated.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\add-account\images\themes\dark\bg_pattern_rhp.png svchost.exe File opened for modification C:\program files\windows defender\en-us\mpevmsg.dll.mui svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\livetile\w7.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\assets\images\signal_white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\mw_60x42.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer\images\themes\dark\bg_pattern_rhp.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\task-handler\js\nls\ja-jp\ui-strings.js svchost.exe File opened for modification C:\program files\7-zip\lang\tt.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\jre\lib\ext\nashorn.jar svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-netbeans-modules-core-kit.xml svchost.exe File opened for modification C:\program files\java\jre1.8.0_66\lib\resources.jar svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\optinpopup\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\voicerecorderlargetile.contrast-white_scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\app-center\js\nls\ui-strings.js svchost.exe File created C:\program files\videolan\vlc\locale\br\lc_messages\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\sticker.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\assets\images\handset_black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\windowsphonereservedappinfo.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\contrast-white\applist.targetsize-40_contrast-white.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\s_download_18.svg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\osf\progress.gif svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxmaillargetile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\voices\beeps\skin_beeps.lua svchost.exe File created C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\apptiles\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_neutral_split.scale-150_8wekyb3d8bbwe\assets\starttile.wink.small.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\genericmailbadge.scale-100.png svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-white\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.e4.ui.css.core.nl_ja_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\catalog\windmill.3mf svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\peoplesmalltile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\stopwatchmedtile.contrast-black_scale-100.png svchost.exe File opened for modification C:\program files\videolan\vlc\locale\ka\lc_messages\vlc.mo svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsfeedbackhub_1.1612.10312.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\insiderhubmedtile.scale-125_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weatherimages\210x173\15.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_x64__8wekyb3d8bbwe\microsoft.system.package.metadata\resources.8883896e.pri svchost.exe File created C:\program files\videolan\vlc\locale\de\lc_messages\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\animations\onenotefre_createnotes_rtl_tablet.mp4 svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\small\mail.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\car\rtl\contrast-black\largetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_x64__8wekyb3d8bbwe\storeratingpromotion.winmd svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\western\western_1h.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\welcomecardrdr-2x.png svchost.exe File created C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\herohelp\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\9724_32x32x32.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\core\dev\nls\fr-fr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\office\booleanintersect.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weatherimages\423x173\31.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\exchangesmalltile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\assets\gamesxboxhubwidetile.scale-100_contrast-white.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\unified-share\images\themes\dark\addressbook2x.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.zunevideo_10.16112.11601.0_neutral_resources.scale-200_8wekyb3d8bbwe\assets\widelogo.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\en-gb\demonotebook.onepkg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\alarmsapplist.contrast-white_targetsize-20.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_neutral_resources.scale-150_8wekyb3d8bbwe\assets\logo.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxcalendarapplist.targetsize-24.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\exportpdfupsell-app\js\nls\ja-jp\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\images\cstm_brand_preview2x.png svchost.exe File created C:\program files (x86)\windows media player\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\ext\updater.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weatherimages\210x173\46.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_x64__8wekyb3d8bbwe\appxmanifest.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.xaml.toolkit\assets\xboxcontrol\internet_icon.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\mobileacrobatcard_dark.pdf svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\reviews\js\nls\hr-hr\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\windowspowershell\modules\pester\3.4.0\functions\inmodulescope.tests.ps1 svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\contrast-white\apppackageapplist.targetsize-96_altform-unplated_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxcalendarapplist.targetsize-80.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\traffichub\contrast-white\widetile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weathericons\30x30\186.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\sr-cyrl-cs\mso.acl svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\sy_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxmailapplist.targetsize-20.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\beach\beach_13c.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\s_backarrow_default.svg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\classic\mask\11s.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\large\smile.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-white\mapsapplist.targetsize-64_altform-unplated_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.dailychallenges\assets\animation\coins out burst_00018.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\ob-preview\images\themeless\organize_poster.jpg svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-netbeans-modules-templates.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\gameplayassets\theme\theme_classic.respack svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\8041_48x48x32.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-netbeans-modules-sampler.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\awards\tripeaks\extreme_altitude_.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\fues\popup_shadow_1.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\file_types\selection-actions.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\files\dev\nls\ko-kr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\combinepdf\images\themes\dark\rhp_world_icon.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\exportpdfupsell-app\js\nls\tr-tr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\img\tools\@1x\themes\dark\[email protected] svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sign-services-auth\css\main-selector.css svchost.exe File opened for modification C:\program files (x86)\windows photo viewer\en-us\imagingdevices.exe.mui svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\work\ltr\contrast-black\medtile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\tournament\progressbarfilled.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\assets\windowsicons\windowscameraapplist.contrast-white_targetsize-20.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxmailapplist.targetsize-36_altform-unplated.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\home\js\nls\da-dk\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\google\chrome\application\81.0.4044.129\locales\it.pak svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\workflow\navcolumn_black\icon_supports.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\place\contrast-black\medtile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxgameoverlay_1.15.2003.0_x64__8wekyb3d8bbwe\assets\xboxnotificationlogo.png svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\ipshe.xml svchost.exe File opened for modification C:\program files\mozilla firefox\browser\features\[email protected] svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\place\rtl\contrast-white\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\exportpdfupsell-app\js\nls\it-it\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\work\ltr\contrast-black\smalltile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\appxblockmap.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\5671_24x24x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\outlookmailmediumtile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowscamera_2017.125.40.0_neutral_split.scale-200_8wekyb3d8bbwe\assets\windowsicons\windowscameraapplist.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.xboxapp_25.25.13009.0_neutral_split.scale-200_8wekyb3d8bbwe\assets\gamesxboxhubstorelogo.scale-200_contrast-high.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\howtoplay\pyramid\goal_5.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\sb_60x42.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sign-services-auth\js\nls\pl-pl\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-threaddump_zh_cn.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\assets\getstartedapplist.targetsize-80.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_x64__8wekyb3d8bbwe\tee\de-de.messaging.config svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\howtoplay\spider\goal_4.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxa-generic-light.scale-100.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer\images\themes\dark\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\videolan\vlc\locale\gd\lc_messages\vlc.mo svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\assets\quickreplysend.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxmaillargetile.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\apptiles\mapswidetile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\assets\getstartedapplist.scale-100_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\linkedinboxlargetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\assets\photosapplist.targetsize-48_altform-unplated_contrast-white.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\svgcheckboxselected.svg svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.core.databinding.beans.nl_zh_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenotemediumtile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\vn_60x42.png svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\work\rtl\contrast-black\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\add-account\js\nls\fr-fr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.e4.rcp_1.3.100.v20141007-2033\meta-inf\manifest.mf svchost.exe File opened for modification C:\program files\java\jre1.8.0_66\thirdpartylicensereadme-javafx.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\place\ltr\medtile.scale-125.png svchost.exe File created C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-white\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.dailychallenges\assets\prizehistory\badges_bronze.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\assets\skypewidetile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxa-generic-dark.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\traffichub\contrast-black\largetile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\small\smirk.png svchost.exe File created C:\program files (x86)\google\chrome\application\81.0.4044.129\visualelements\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-modules-autoupdate-services_zh_cn.jar svchost.exe File created C:\program files\videolan\vlc\plugins\text_renderer\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxa-googlecloudcache-light.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\linkedinboxlargetile.scale-400.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\search-summary\js\nls\sl-si\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\6528_32x32x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_x64__8wekyb3d8bbwe\appxmetadata\codeintegrity.cat svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\et_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxa-generic-light.scale-300.png svchost.exe File created C:\program files\windowsapps\microsoft.xboxspeechtotextoverlay_1.14.2002.0_neutral_split.scale-100_8wekyb3d8bbwe\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\signatures\js\plugin.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.e4.ui.bindings_0.10.200.v20140424-2042.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxcalendarapplist.targetsize-16.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxgameoverlay_1.15.2003.0_x64__8wekyb3d8bbwe\assets\gamesxboxhubsplashscreen.scale-200.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\triggeractions.exsd svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxa-generic-light.scale-150.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\ob-preview\js\nls\ko-kr\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_x64__8wekyb3d8bbwe\assets\starttile.surprise.small.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\autumn\autumn_1d.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\jumbo\mask\12c.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\assets\windowsicons\windowscamerasmalltile.contrast-white_scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\tracker\open_original_form.gif svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\organize.svg svchost.exe File created C:\program files\java\jdk1.8.0_66\lib\visualvm\profiler\update_tracking\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\stopwatchsmalltile.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\app-center\js\nls\en-ae\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sample-files\css\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\appxsignature.p7x svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\voicerecorderapplist.contrast-black_targetsize-32_altform-unplated.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\js\nls\nb-no\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenotenotebooklargetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxcalendarsplashlogo.scale-250.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_x64__8wekyb3d8bbwe\assets\contrast-black\oneconnectapplist.targetsize-30.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_x64__8wekyb3d8bbwe\assets\oneconnectapplist.targetsize-30.png svchost.exe File created C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\assets\apptiles\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\assets\gamesxboxhubapplist.targetsize-36.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\s_reportabuse-default_18.svg svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.e4.ui.di.nl_zh_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\aquarium\mask\11h.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorapplist.contrast-white_targetsize-20.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\reviews\js\nls\ja-jp\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-utilities_ja.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\apppackagebadgelogo.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\img\tools\themes\dark\text.cur svchost.exe File created C:\program files\internet explorer\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\2210_40x40x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\work\ltr\medtile.scale-200.png svchost.exe File opened for modification C:\program files (x86)\windowspowershell\modules\powershellget\1.0.0.1\psget.format.ps1xml svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\editpdf\js\nls\nl-nl\ui-strings.js svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\popup\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\assets\photosapplist.targetsize-60_altform-fullcolor.png svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\home\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\home\js\nls\pt-br\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\jre\lib\jsse.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\assets\images\pish_placeholder.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\work\contrast-black\widetile.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\s_auditreport_18.svg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\manifestassets\contrast-black\square44x44logo.targetsize-24_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\assets\images\expression_picker_tab_placeholder.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\5666_40x40x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxa-outlook.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxa-yahoo-light.scale-100.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\files\dev\nls\pl-pl\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\fullscreen-press.svg svchost.exe File opened for modification C:\program files (x86)\common files\adobe\reader\dc\linguistics\providers\adobe\products.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\large\ninja.png svchost.exe File opened for modification C:\program files\common files\system\ole db\en-us\sqlxmlx.rll.mui svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowscamera_2017.125.40.0_neutral_split.scale-200_8wekyb3d8bbwe\appxsignature.p7x svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\animations\onenotefre_saveautomatically_rtl_phone.mp4 svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\microsoft.system.package.metadata\s-1-5-21-1231583446-2617009595-2137880041-1000-mergedresources-0.pri svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\exchangemediumtile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_2019.16112.11621.0_neutral_~_8wekyb3d8bbwe\appxmetadata\appxbundlemanifest.xml svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\app\dev\nls\fi-fi\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\walk-through\js\nls\nl-nl\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.zunemusic_10.16112.11621.0_neutral_resources.scale-125_8wekyb3d8bbwe\assets\musicstorelogo.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\6449_48x48x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\assets\windowsicons\windowscameraapplist.contrast-black_targetsize-16.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\signatures\js\nls\cs-cz\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\uss-search\js\nls\sk-sk\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_neutral_split.scale-150_8wekyb3d8bbwe\assets\starttile.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\alarmsapplist.contrast-black_targetsize-72.png svchost.exe File created C:\program files\windowspowershell\modules\microsoft.powershell.operation.validation\1.0.1\test\modules\example2.diagnostics\1.0.1\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\img\tools\@1x\[email protected] svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\mm_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\2494_40x40x32.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\editpdf\js\nls\de-de\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\download_on_the_app_store_badge_nl_135x40.svg svchost.exe File opened for modification C:\program files\videolan\vlc\lua\intf\modules\httprequests.luac svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\at_16x11.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\pages-app\js\nls\it-it\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\images\themeless\check-mark-2x.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\apppackageapplist.targetsize-40.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\jumbo\jumbo_11h.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-black\mapsapplist.targetsize-32.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\exportpdfupsell-app\js\nls\zh-cn\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftstickynotes_1.4.101.0_x64__8wekyb3d8bbwe\assets\square150x150logo.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenotesectionsmalltile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenotesmalltile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\calculatorwidetile.scale-100.png svchost.exe File opened for modification C:\program files\windowspowershell\modules\pester\3.4.0\functions\assertions\belikeexactly.ps1 svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\win-scrollbar\themes\dark\arrow-down.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\editpdf\js\nls\pt-br\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\common files\microsoft shared\stationery\roses.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\jumbo\mask\12d.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftstickynotes_1.4.101.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\storelogo.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenotesmalltile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\sx_16x11.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\aicuc\js\nls\root\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-files\images\themes\dark\illustrations_retina.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.dailychallenges\assets\diamond_badge_earned.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\office.odf svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\tw_16x11.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\signatures\js\nls\eu-es\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\windowspowershell\modules\pester\3.4.0\functions\context.tests.ps1 svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-uisupport_zh_cn.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\livetile\w6.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\genericmaillargetile.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-recent-files\js\nls\hu-hu\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\jre\welcome.html svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\apptiles\contrast-white\weather_tilesmallsquare.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.starclub\assets\sounds\starsland_f.wav svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\walk-through\images\themeless\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\apppackageapplist.targetsize-64.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\_resources\0.rsrc svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_x64__8wekyb3d8bbwe\strings\en-us\people-pdp-content.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\home\contrast-white\largetile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\storeratingpromotion.winmd svchost.exe File created C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\com.jrockit.mc.rcp.product_5.5.0.165303\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4_default_mru_on_win7.css svchost.exe File created C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\_resources\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\classic\classic_background.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\traffichub\contrast-white\widetile.scale-200.png svchost.exe File opened for modification C:\program files\java\jre1.8.0_66\copyright svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\work\rtl\contrast-white\largetile.scale-125.png svchost.exe File created C:\program files\windowsapps\microsoft.net.native.runtime.1.3_1.3.23901.0_x86__8wekyb3d8bbwe\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\linkedinboxbadge.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\assets\apptile.xml svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\apple-touch-icon-57x57-precomposed.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\activity-badge\js\nls\ro-ro\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\uss-search\js\nls\ca-es\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\small\no.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.alert.zh_cn_5.5.0.165303.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\spacer\1px.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\stopwatchsmalltile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\images\ratings\yelp5.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxspeechtotextoverlay_1.14.2002.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\gamesxboxhubapplist.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\img\tools\@1x\[email protected] svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\js\home-view\selector.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\stopwatchlargetile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\assets\gamesxboxhubapplist.targetsize-32_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\assets\navigationicons\nav_icons_activityalert.targetsize-48.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\core\dev\nls\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\send-for-sign\js\nls\pt-br\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\com.jrockit.mc.feature.rcp_5.5.0.165303\feature.properties svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowscamera_2017.125.40.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\windowsicons\windowscameramedtile.contrast-white_scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\photosexperimentationnative.winmd svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\images\email\adc_logo.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\jre\lib\security\cacerts svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.frameworkadmin.equinox.nl_zh_4.4.0.v20140623020002.jar svchost.exe File created C:\program files\windowsapps\deletedalluserpackages\microsoft.skypeapp_11.8.204.0_neutral_split.scale-125_kzf8qxf38zg5c\skypeapp\assets\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\western\mask\11s.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\coreengine\data\oildaubnoise.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_neutral_split.scale-100_8wekyb3d8bbwe\resources.pri svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\voices\beeps\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\localized_images\de-de\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorapplist.targetsize-256.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\2_32x32x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weatherimages\210x173\2.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_x64__8wekyb3d8bbwe\assets\contrast-white\oneconnectapplist.targetsize-96.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\car\rtl\contrast-black\widetile.scale-100.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-modules-masterfs-nio2_ja.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\autumn\autumn_1h.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\home\rtl\contrast-black\widetile.scale-100.png svchost.exe File opened for modification C:\program files\mozilla firefox\firefox.visualelementsmanifest.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\assets\windowsicons\windowscameraapplist.targetsize-24_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\office.odf svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\s_anonymoususer_18.svg svchost.exe File created C:\program files\windowsapps\microsoft.windowsstore_11701.1001.874.0_neutral_~_8wekyb3d8bbwe\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.jetty.util_8.1.14.v20131031.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\livetile\w4.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\audio\dcgoalcollapse_d.wav svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\alarmsapplist.targetsize-48_altform-unplated.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\org-netbeans-modules-sendopts.jar svchost.exe File created C:\program files\java\jre1.8.0_66\lib\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\logos\square71x71\paintsmalltile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\place\ltr\contrast-white\medtile.scale-200.png svchost.exe File opened for modification C:\program files\windowspowershell\modules\pester\3.4.0\snippets\shouldbenullorempty.snippets.ps1xml svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer\js\nls\fr-fr\ui-strings.js svchost.exe File opened for modification C:\program files\videolan\vlc\locale\lv\lc_messages\vlc.mo svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\office\booleanmerge.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\worldclocksmalltile.contrast-black_scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\car\ltr\contrast-black\largetile.scale-200.png svchost.exe File opened for modification C:\program files\windowspowershell\modules\pester\3.4.0\snippets\context.snippets.ps1xml svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\exportpdfupsell-app\js\nls\nb-no\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\2653_40x40x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\gi_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\timerlargetile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\work\medtile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\logo.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sign-services-auth\js\nls\hr-hr\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\howtoplay\klondike\goal_2.jpg svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\files\dev\nls\it-it\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\viewer\nls\nl-nl\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\videolan\vlc\lua\http\images\speaker-32.png svchost.exe File opened for modification C:\program files\videolan\vlc\lua\http\requests\readme.txt svchost.exe File created C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\car\rtl\contrast-black\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\large\happy.png svchost.exe File opened for modification C:\program files\java\jre1.8.0_66\lib\security\blacklist svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.xboxapp_25.25.13009.0_neutral_split.scale-200_8wekyb3d8bbwe\assets\gamesxboxhubapplist.scale-200_contrast-high.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\stopwatchlargetile.scale-200.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\resource\saslprep\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themepreview\themes\beach.mobile.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorapplist.targetsize-30_altform-fullcolor.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\generic-rhp-app\images\themes\dark\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.xboxapp_25.25.13009.0_neutral_split.scale-200_8wekyb3d8bbwe\assets\gamesxboxhubsmalltile.scale-200_contrast-white.png svchost.exe File opened for modification C:\program files\windowspowershell\modules\powershellget\1.0.0.1\powershellget.psd1 svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftofficehub_2017.311.255.0_neutral_~_8wekyb3d8bbwe\appxsignature.p7x svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\snooze.contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorapplist.targetsize-80_altform-fullcolor.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\digsig\js\nls\uk-ua\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\db\bin\setnetworkservercp svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\gameend\ads_win10_previewbuild_3840_300x250.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\small\crying.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\work\rtl\contrast-black\widetile.scale-100.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-recent-files\js\nls\eu-es\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\google\chrome\application\81.0.4044.129\locales\pt-br.pak svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\db\lib\derby.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.dailychallenges\assets\perfect\snapperfectribbon.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenotesectiongroupwidetile.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\assets\photosapplist.contrast-black_targetsize-64.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxa-advanced-dark.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_neutral_resources.scale-150_8wekyb3d8bbwe\appxsignature.p7x svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowscalculator_10.1702.312.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\calculatorlargetile.contrast-white_scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\content\images\en-us\windows-main-08294e1b-0ad7-4937-9616-fcbc42ff7ff1.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenotepagelargetile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\it_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxcalendarwidetile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\assets\gamesxboxhubapplist.targetsize-256_altform-unplated_contrast-high.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\manifestassets\square44x44logo.targetsize-16_altform-unplated.png svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themecreation\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\genericmailsmalltile.scale-125.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\js\nls\eu-es\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\images\stickers\sticker_worriedeye.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\assets\images\incomingcallbrandingimage.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\assets\retail\retail_get_started_icon.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\voicerecorderapplist.targetsize-256.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\5511_24x24x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\images\printandshare\glyph_0xe804.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\aquarium\aquarium_12s.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\sharpdxengine\rendering\shaders\builtin\bin\textured_inst_vs.fxo svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\mx_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\alarmsapplist.contrast-white_targetsize-256_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\8794_24x24x32.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.ibm.icu_52.1.0.v201404241930.jar svchost.exe File created C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\pdp\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\large\cake.png svchost.exe File opened for modification C:\program files\java\jre1.8.0_66\lib\tzmappings svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\contrast-white\apppackageapplist.targetsize-30_altform-unplated_contrast-white.png svchost.exe File created C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_neutral_~_kzf8qxf38zg5c\appxmetadata\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\mozilla firefox\install.log svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\awards\spider\itsy_bitsy_spider_.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\timermedtile.contrast-white_scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\js\nls\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.addons.swt_1.1.1.v20140903-0821.jar svchost.exe File created C:\program files\videolan\vlc\skins\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\texturebitmaps\fishfosl.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.starclub\assets\icon.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\gameplayassets\klondike\respacks\gameplayklondike.respack svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenotesplashlogo.scale-250.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\combinepdf\js\plugin.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\es_16x11.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\visualvm\core\locale\com-sun-tools-visualvm-modules-startup_zh_cn.jar svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\place\contrast-white\largetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\worldclockmedtile.contrast-white_scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxa-advanced-light.scale-150.png svchost.exe File created C:\program files\windowsapps\microsoft.advertising.xaml_10.0.1605.0_x86__8wekyb3d8bbwe\appxmetadata\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\contrast-white\applist.targetsize-60_altform-unplated_contrast-white.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\ccloud_retina.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\fullscreen-exit.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sign-services-auth\js\nls\zh-cn\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-core-ui_ja.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\microsoft.cameraapp.native.winmd svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\outlookmailmediumtile.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\voicerecorderapplist.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\contrast-black\widelogo.scale-100_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\dailychallenges\icons\spider.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\editpdf\js\nls\es-es\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-recent-files\js\nls\ja-jp\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\send-for-sign\js\nls\nb-no\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftstickynotes_1.4.101.0_x64__8wekyb3d8bbwe\assets\square44x44logo.targetsize-16_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\1938_20x20x32.png svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\car\rtl\contrast-black\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\work\rtl\widetile.scale-200.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\localized_images\ko-kr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\animations\onenotefre_saveautomatically_rtl_tablet.mp4 svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\7989_24x24x32.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\img\[email protected] svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\peoplesmalltile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\alarmsapplist.contrast-white_scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\app-center\js\nls\ro-ro\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\home\images\themes\dark\icons.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\js\nls\sl-si\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\videolan\vlc\plugins\plugins.dat svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_neutral_split.scale-150_8wekyb3d8bbwe\appxmanifest.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_neutral_~_8wekyb3d8bbwe\appxmetadata\appxbundlemanifest.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-100_8wekyb3d8bbwe\appxblockmap.xml svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\org-netbeans-modules-keyring-fallback.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_x64__8wekyb3d8bbwe\assets\square71x71logo.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\gd_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\outlookmaillargetile.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\_resources\4.rsrc svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\add-account\images\illustrations_retina.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\images\themeless\playstore.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\stopwatchsmalltile.contrast-white_scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\contrast-black\apppackageapplist.targetsize-20_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\7989_20x20x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\aquarium\mask\12c.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_x64__8wekyb3d8bbwe\assets\contrast-black\oneconnectapplist.targetsize-80.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\alarmswidetile.contrast-white_scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorapplist.contrast-white_targetsize-32.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\s_link_18.svg svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.flightrecorder.ui_5.5.0.165303.jar svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.zunevideo_10.16112.11601.0_neutral_resources.scale-125_8wekyb3d8bbwe\resources.pri svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\awards\tripeaks\low_altitude_.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenoteapplist.targetsize-72_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\3009_32x32x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\649_32x32x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\exchangewidetile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\home\rtl\medtile.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\download_on_the_app_store_badge_pt_135x40.svg svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\js\nls\ca-es\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\uss-search\js\nls\he-il\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\ob-preview\images\themeless\example_icons2x.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\images\themeless\playstore\af_get.svg svchost.exe File opened for modification C:\program files\videolan\vlc\locale\bg\lc_messages\vlc.mo svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weathericons\30x30\179.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\contrast-black\apppackageapplist.targetsize-48_altform-unplated_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\buttons\deal\deal.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\jumbo\jumbo_13d.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\runninglate.scale-64.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\winstore\resources\assets\rt_icons_spilt_16.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\next-arrow-disabled.svg svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_neutral_split.scale-100_8wekyb3d8bbwe\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\appxmetadata\codeintegrity.cat svchost.exe File created C:\program files (x86)\google\update\1.3.35.452\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\java\jre1.8.0_66\bin\plugin2\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxcalendarapplist.targetsize-80_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\car\rtl\medtile.scale-200.png svchost.exe File created C:\program files\windowsapps\microsoft.microsoftstickynotes_1.4.101.0_x64__8wekyb3d8bbwe\_resources\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\11891_20x20x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxmailapplist.targetsize-32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-black\storeapplist.scale-200.png svchost.exe File created C:\program files\java\jdk1.8.0_66\jre\lib\fonts\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weathericons\30x30\1.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\_resources\12.rsrc svchost.exe File created C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\place\rtl\contrast-black\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\assets\gamesxboxhubstorelogo.scale-100_contrast-white.png svchost.exe File opened for modification C:\program files\7-zip\lang\ba.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.skypeapp_11.8.204.0_neutral_split.scale-125_kzf8qxf38zg5c\skypeapp\assets\skypewidetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorsplashscreen.contrast-black_scale-200.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\app\dev\nls\de-de\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\img\tools\@1x\themes\dark\[email protected] svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-recent-files\js\nls\eu-es\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-jvm_zh_cn.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\classic\classic_cardback.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\assets\gamesxboxhubapplist.targetsize-60_altform-unplated_contrast-white.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\exportpdfupsell-app\js\nls\ru-ru\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-recent-files-select\js\plugin.js svchost.exe File opened for modification C:\program files (x86)\windowspowershell\modules\pester\3.4.0\functions\testresults.tests.ps1 svchost.exe File opened for modification C:\program files\videolan\vlc\locale\oc\lc_messages\vlc.mo svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\timerlargetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\gameplayassets\localization\localized_pt-pt.respack svchost.exe File created C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\logos\square310x310\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxmailapplist.targetsize-30.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\app-center\js\nls\ja-jp\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\images\themes\dark\adobe_spinner.gif svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenotepagesmalltile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\5313_24x24x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\genericmailmediumtile.scale-200.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\files\dev\nls\es-es\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\viewer\nls\root\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jre1.8.0_66\lib\jfr\profile.jfc svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\apppackagebadgelogo.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxmailapplist.targetsize-60_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-white\storeapplist.targetsize-20.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\albummediumtile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\car\ltr\contrast-black\medtile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.storepurchaseapp_1.0.45.0_x64__8wekyb3d8bbwe\assets\square44x44logo.scale-200.png svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\en-us\boxed-correct.avi svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\work\contrast-black\largetile.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\uss-search\js\nls\pl-pl\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weathericons\30x30\199.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.swt.win32.win32.x86_64.nl_zh_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowscamera_2017.125.40.0_neutral_split.scale-200_8wekyb3d8bbwe\assets\windowsicons\windowscamerasmalltile.contrast-black_scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\office\embosstext.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\texturebitmaps\whmarble.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenotepagewidetile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\cu_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\assets\insiderhubapplist.targetsize-48_contrast-white.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\uss-search\js\nls\en-ae\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_neutral_split.scale-180_8wekyb3d8bbwe\assets\office\smooth.scale-180.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\apppackagesplashscreen.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\assets\insiderhubapplist.targetsize-16.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\contrast-white\applist.targetsize-72_contrast-white.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\css\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\videolan\vlc\locale\ml\lc_messages\vlc.mo svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sample-files\js\nls\sv-se\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\videolan\vlc\locale\el\lc_messages\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\scanicon_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.dailychallenges\assets\badgecoinicon.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\4665_24x24x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\mh_16x11.png svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\collections\contrast-white\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sample-files\assets\sample files\adobe acrobat pro dc.pdf svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\signatures\js\nls\eu-es\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\apptiles\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\windowspowershell\modules\pester\3.4.0\functions\new-fixture.ps1 svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-openide-options_ja.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\oneconnectsmalltile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\assets\audio\skype_call_dialing.m4a svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\alarmsstorelogo.contrast-white_scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer-select\js\nls\fi-fi\ui-strings.js svchost.exe File created C:\program files\windowsapps\deletedalluserpackages\microsoft.zunemusic_10.16112.11621.0_neutral_resources.scale-125_8wekyb3d8bbwe\assets\contrast-black\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\embossbitmaps\oval_icon.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\apppackagelargetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftstickynotes_1.4.101.0_x64__8wekyb3d8bbwe\resources\demomodeink.dat svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxmailsplashlogo.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.xboxapp_25.25.13009.0_neutral_split.scale-200_8wekyb3d8bbwe\assets\gamesxboxhubwidetile.scale-200_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_x64__8wekyb3d8bbwe\assets\contrast-white\oneconnectsmalltile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\exchangesmalltile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\outlookmailwidetile.scale-150.png svchost.exe File opened for modification C:\program files (x86)\common files\microsoft shared\stationery\hand prints.htm svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_x64__8wekyb3d8bbwe\assets\starttile.dualsim2.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\assets\images\expression_picker_tab_mruicon.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorapplist.targetsize-20_altform-colorize.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\genericmailbadge.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\voicerecorderlogoextensions.targetsize-256.png svchost.exe File created C:\program files\videolan\vlc\locale\ast\lc_messages\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\workflow\icon_supports.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\contrast-white\applist.targetsize-20_altform-unplated_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\10912_20x20x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\osf\agavedefaulticon32x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\qa_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxmailsmalltile.scale-125.png svchost.exe File created C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_neutral_resources.scale-150_8wekyb3d8bbwe\assets\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\createpdfupsell-app\js\nls\cs-cz\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxa-yahoo-dark.scale-250.png svchost.exe File created C:\program files (x86)\common files\microsoft shared\msinfo\en-us\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\contrast\contrast-white\builderlogo.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenotesplashlogo.scale-250.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\ec_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\ne_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\calculatorsmalltile.contrast-black_scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxmailapplist.targetsize-24_altform-unplated.png svchost.exe File created C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\_resources\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\fues\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themepreview\cardbacks\autumn.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\assets\windowsicons\windowscameraapplist.targetsize-20_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.zunevideo_10.16112.11601.0_neutral_resources.scale-200_8wekyb3d8bbwe\assets\contrast-black\smalllogo.scale-200_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\alarmsmedtile.contrast-black_scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\cameraicon_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\_resources\7.rsrc svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\s_remove_18.svg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\small\idea.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\alarmsapplist.contrast-black_targetsize-32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\alarmsapplist.targetsize-20_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\manifestassets\contrast-white\square44x44logo.targetsize-24.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxa-outlook.scale-250.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\western\western_1s.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\car\rtl\contrast-white\smalltile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\icons\freecell_icon.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\jre\lib\deploy\messages_zh_hk.properties svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\jscripts\wefgallerywinrt.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxcalendarlogoextensions.scale-256.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_neutral_split.scale-180_8wekyb3d8bbwe\assets\office\print.scale-180.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\traffichub\widetile.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\images\themeless\appstore\download_on_the_app_store_badge_fr_135x40.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\viewer\nls\nb-no\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\coreengine\data\3dbrush\brush_bristles.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\assets\gamesxboxhubapplist.targetsize-96_altform-unplated_contrast-white.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\meta-inf\manifest.mf svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\contrast-white\apppackagestorelogo.scale-100_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\images\stickers\thumbnails\sticker_icon_sun.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\large\devil.png svchost.exe File opened for modification C:\program files\windowspowershell\modules\pester\3.4.0\en-us\about_mocking.help.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\activity-badge\js\nls\pl-pl\ui-strings.js svchost.exe File opened for modification C:\program files\videolan\vlc\locale\kn\lc_messages\vlc.mo svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\car\rtl\contrast-white\largetile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\car\ltr\contrast-white\widetile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\awards\tripeaks\peak_jumper_unearned_small.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\assets\navigationicons\nav_icons_trending.targetsize-48.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sample-files\js\nls\ca-es\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\contrast-white\apppackageapplist.targetsize-36_altform-unplated_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\apptiles\contrast-black\mapsapplist.scale-100.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\unified-share\images\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.e4.rcp_1.3.100.v20141007-2033\epl-v10.html svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themepreview\cardbacks\aquarium.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorsplashscreen.contrast-white_scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxmailapplist.targetsize-256_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\exchangelargetile.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\unified-share\js\nls\sk-sk\ui-strings.js svchost.exe File opened for modification C:\program files\7-zip\lang\kab.txt svchost.exe File created C:\program files\videolan\vlc\lua\extensions\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_neutral_split.scale-180_8wekyb3d8bbwe\assets\office\scale.scale-180.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\aquarium\mask\1d.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\8196_20x20x32.png svchost.exe File created C:\program files (x86)\common files\microsoft shared\vsta\pipeline.v10.0\addinviews\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\assets\getstartedapplist.targetsize-80_altform-unplated_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-black\mapsapplist.targetsize-60_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\large\rain.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\bh_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\pr_16x11.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\search-summary\js\nls\en-il\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\audio\opt-in-ad-popup.wav svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\1849_20x20x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\small\rock.png svchost.exe File opened for modification C:\program files\windowspowershell\modules\pester\3.4.0\snippets\shouldbelessthan.snippets.ps1xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftofficehub_17.8010.5926.0_x64__8wekyb3d8bbwe\images\officehublogo_44x44.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.starclub\assets\starclubtile.small_.jpg svchost.exe File opened for modification C:\program files (x86)\windowspowershell\modules\pester\3.4.0\examples\validator\validator.tests.ps1 svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\fileicons\filelogoextensions.targetsize-24.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\exchangebadge.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\applist.targetsize-48.png svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\en-us\correct.avi svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\car\ltr\contrast-black\largetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.starclub\assets\new_collection_available.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\1851_20x20x32.png svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\apptiles\contrast-black\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\traffichub\smalltile.scale-100.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\images\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoft3dviewer_1.1702.21039.0_x64__8wekyb3d8bbwe\assets\viewer\default-scene.bxf svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-recent-files\js\nls\sl-si\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\bt_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\5601_20x20x32.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.common_3.6.200.v20130402-1505.jar svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\js\nls\ca-es\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowsapps\microsoft.microsoftstickynotes_1.4.101.0_x64__8wekyb3d8bbwe\microsoft.stickynotes.views\images\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\alarmsmedtile.scale-100.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\ob-preview\js\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\microsoft.system.package.metadata\resources.5e302c35.pri svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\search-summary\js\nls\es-es\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\send-for-sign\js\nls\pl-pl\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\google\chrome\application\81.0.4044.129\widevinecdm\manifest.json svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-attach_zh_cn.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-white\mapsapplist.targetsize-256_altform-unplated_contrast-white.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\css\tool-view.css svchost.exe File opened for modification C:\program files (x86)\google\chrome\application\81.0.4044.129\locales\da.pak svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\car\ltr\contrast-black\medtile.scale-200.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\signatures\css\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\contrast-white\dashboarddefaultthumbnail.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.xaml.toolkit\assets\buttons\back\back-up.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\awards\tripeaks\expedition_leader_unearned_small.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\work\rtl\contrast-black\largetile.scale-200.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\include\classfile_constants.h svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.starclub\assets\pin\270x270.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\5941_48x48x32.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\lib\gimap.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\content\desktop\en-us\doc_offline_getconnected.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\6440_72x72x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenotesectionmedtile.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\xboxapp.tasks.winmd svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\widelogo.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-recent-files\js\nls\ru-ru\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\appxmanifest.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\sharpdxengine\rendering\shaders\builtin\hlsl\fullscreenquad.fx svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\images\stickers\thumbnails\sticker_icon_teethsmile.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_neutral_split.scale-100_kzf8qxf38zg5c\skypeapp\assets\skypewidetile.scale-100_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxmailapplist.targetsize-80.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\img\tools\@1x\themes\dark\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\7-zip\lang\mng.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\home\rtl\largetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\assets\windowsicons\windowscamerasplashscreen.contrast-black_scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\5613_20x20x32.png svchost.exe File created C:\program files\windowsapps\microsoft.xboxgameoverlay_1.15.2003.0_neutral_split.scale-100_8wekyb3d8bbwe\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_neutral_split.scale-140_8wekyb3d8bbwe\assets\office\emboss.scale-140.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\images\printandshare\glyph_0xecd2.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\fileextension.targetsize-64.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\locale\en_us\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\app-center\images\themeless\mobile_reader_logo.svg svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.e4.rcp_1.3.100.v20141007-2033\feature.properties svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\stopwatchmedtile.scale-100.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\aicuc\js\nls\fi-fi\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\7-zip\lang\io.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.net.native.runtime.1.3_1.3.23901.0_x86__8wekyb3d8bbwe\appxblockmap.xml svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\files\dev\nls\fr-fr\ui-strings.js svchost.exe File opened for modification C:\program files\7-zip\lang\lt.txt svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\ipsptb.xml svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\profiler\update_tracking\org-netbeans-modules-profiler-utilities.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\assets\getstartedsplash.scale-100_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxmailapplist.targetsize-256.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\applist.targetsize-24_altform-unplated.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\aicuc\js\plugins\selection-action-plugins\epdf\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\videolan\vlc\locale\cgg\lc_messages\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowsapps\microsoft.net.native.runtime.1.3_1.3.23901.0_x64__8wekyb3d8bbwe\appxmetadata\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenotesectiongroupmedtile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxmaillargetile.scale-150.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sign-services-auth\js\nls\sk-sk\ui-strings.js svchost.exe File created C:\program files\java\jdk1.8.0_66\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftstickynotes_1.4.101.0_x64__8wekyb3d8bbwe\microsoft.graphics.canvas.winmd svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\add-account\css\main-selector.css svchost.exe File created C:\program files\java\jdk1.8.0_66\db\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.e4.ui.bindings.nl_zh_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\mapdarktheme.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sign-services-auth\js\nls\ja-jp\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\images\email\themes\dark\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\apptiles\weather_tilelargesquare.scale-100.png svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\livetiles\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenotepagesmalltile.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\lumia.viewerplugin\assets\iconopeninrefocus.contrast-white_scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\alarmsstorelogo.contrast-black_scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\addressbook.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\files\dev\nls\ja-jp\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\signatures\js\nls\fr-ma\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.zunemusic_10.16112.11621.0_neutral_resources.scale-125_8wekyb3d8bbwe\assets\contrast-black\smalllogo.scale-125_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\5630_48x48x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\outlookmailwidetile.scale-100.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\editpdf\js\nls\root\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\resource\typesupport\unicode\mappings\win\cp1252.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\traffichub\contrast-black\smalltile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.dailychallenges\assets\animation\coin_animation.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\assets\insiderhubsmalltile.scale-200.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4_default_win7.css svchost.exe File opened for modification C:\program files\java\jre1.8.0_66\lib\deploy\messages_sv.properties svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\appxmetadata\codeintegrity.cat svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-files\js\nls\zh-tw\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\viewer\nls\ja-jp\ui-strings.js svchost.exe File created C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\com.jrockit.mc.feature.rcp_5.5.0.165303\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\car\ltr\contrast-black\medtile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weatherimages\210x173\91.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\assets\getstartedapplist.scale-100_contrast-black.png svchost.exe File created C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\content\surfacehub\en-gb\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\awards\challenge\diamonds_are_forever_unearned_small.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\applist.targetsize-64.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\acroapp\enu\comments.aapp svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\p2\org.eclipse.equinox.p2.engine\profileregistry\jmc.profile\1423496939244.profile.gz svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\work\rtl\contrast-black\medtile.scale-125.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-api-caching.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\livetiles\microsoftsolitairewidetile.scale-200.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\images\ratings\yelp7.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\s_newfolder_18.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\walk-through\js\selector.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\manifestassets\contrast-black\splashscreen.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-white\weather_tilesmallsquare.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\car\rtl\contrast-black\widetile.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\createpdfupsell-app\js\nls\ja-jp\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\js\nls\cs-cz\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\reviews\js\nls\hu-hu\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\jre\lib\security\us_export_policy.jar svchost.exe File opened for modification C:\program files\java\jre1.8.0_66\lib\deploy\messages_ko.properties svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\howtoplay\spider\tips_2.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\logos\square44x44\paintapplist.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\xaml\onenote\captureui.xaml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_neutral_split.scale-100_8wekyb3d8bbwe\lumia.viewerplugin\assets\iconopeninrefocus.contrast-high_scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\alarmsapplist.contrast-black_targetsize-36.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\js\nls\en-il\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\windowspowershell\modules\pester\3.4.0\examples\calculator\add-numbers.ps1 svchost.exe File created C:\program files\java\jre1.8.0_66\bin\dtplugin\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\videolan\vlc\locale\ast\lc_messages\vlc.mo svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\gameend\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\assets\getstartedapplist.targetsize-80_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenotesectiongroupmedtile.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\osf\miniinfoblue_16x16x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\604_20x20x32.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\signatures\js\nls\ja-jp\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\catalog\shape_pyramid.3mf svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\uss-search\js\nls\sl-sl\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenotesplashlogo.scale-400.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\acrobat_parcel_generic_32.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\createpdfupsell-app\js\nls\es-es\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\work\ltr\widetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\western\mask\1h.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\dismiss.contrast-black.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\images\themeless\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\windows media player\media renderer\avtransport.xml svchost.exe File created C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\videolan\vlc\lua\http\images\vlc16x16.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\6445_48x48x32.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\file_types\s_filetype_psd.svg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_x64__8wekyb3d8bbwe\assets\starttile.smile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\images\printandshare\glyph_0xe7d5.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-white\storeapplist.targetsize-72.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\win8-scrollbar\arrow-down.gif svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\browser\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\editpdf\js\nls\nl-nl\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\reviews\images\themes\dark\dd_arrow_small2x.png svchost.exe File opened for modification C:\program files (x86)\internet explorer\en-us\hmmapi.dll.mui svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\attribution\accuweather.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_neutral_split.scale-150_8wekyb3d8bbwe\assets\starttile.surprise.small.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\resources.pri svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\winstore\resources\assets\rt_icons_splat_16.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_neutral_split.scale-140_8wekyb3d8bbwe\assets\office\embosscontour.scale-140.png svchost.exe File created C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\jscripts\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_x64__8wekyb3d8bbwe\appxmetadata\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxcalendarmediumtile.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\desktop-connector-files\js\nls\fr-fr\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\js\nls\sv-se\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\audio\firework1.wav svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\zw_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\assets\photosapplist.targetsize-24.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\home\contrast-black\medtile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weathericons\30x30\7.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\awards\freecell\get_out_of_jail_free_unearned_small.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\place\rtl\contrast-white\widetile.scale-100.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\jre\lib\hijrah-config-umalqura.properties svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\car\ltr\contrast-white\widetile.scale-100.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\jre\lib\classlist svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_x64__8wekyb3d8bbwe\assets\starttile.dualsim2.surprise.small.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\aquarium\mask\13s.png svchost.exe File created C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\contrast-white\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowsapps\microsoft.storepurchaseapp_1.0.45.0_x64__8wekyb3d8bbwe\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowssoundrecorder_10.1702.301.0_neutral_split.scale-200_8wekyb3d8bbwe\appxblockmap.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\animations\onenotefre_clipandadd_rtl_tablet.mp4 svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\txp_hotelreservation.png svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\dailychallenges\lobbytiles\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\logos\square44x44\paintapplist.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_x64__8wekyb3d8bbwe\assets\contrast-black\peoplesplashscreen.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\genericmailsmalltile.scale-400.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\createpdfupsell-app\js\nls\eu-es\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\org-netbeans-core-windows.jar svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\plug_ins\accessibility.api svchost.exe File opened for modification C:\program files\mozilla firefox\browser\omni.ja svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\voicerecorderapplist.contrast-white_targetsize-32_altform-unplated.png svchost.exe File opened for modification C:\program files (x86)\windowspowershell\modules\pester\3.4.0\functions\assertions\belessthan.ps1 svchost.exe File created C:\program files\windowsapps\microsoft.advertising.xaml_10.0.1605.0_x86__8wekyb3d8bbwe\microsoft.system.package.metadata\autogen\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowspowershell\modules\pester\3.4.0\pester.tests.ps1 svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\large\mmm.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorapplist.targetsize-16_altform-colorize.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_neutral_resources.scale-150_8wekyb3d8bbwe\assets\contrast-white\smalllogo.scale-150_contrast-white.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\localized_images\ja-jp\playstore_icon.svg svchost.exe File opened for modification C:\program files (x86)\google\chrome\application\81.0.4044.129\v8_context_snapshot.bin svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\include\win32\bridge\accessbridgepackages.h svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\lib\locale\boot_zh_cn.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\assets\windowsicons\windowscamerasmalltile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\5478_20x20x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\apppackageapplist.targetsize-40_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\gameplayassets\particles\fireworks.respack svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\voicerecorderapplist.targetsize-40_altform-unplated.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\search-summary\js\nls\he-il\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\unified-share\css\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\jre\lib\ext\sunpkcs11.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\photoslargetile.contrast-white_scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer-select\css\main.css svchost.exe File created C:\program files\windowsapps\microsoft.people_2017.222.1920.0_neutral_~_8wekyb3d8bbwe\appxmetadata\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\common files\microsoft shared\stationery\roses.htm svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\jre\lib\ext\localedata.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weather_badgelogo.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\oneconnectbadgelogo.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\buttons\fullscreen\fullscreen-press.png svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\gameplayassets\klondike\respacks\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\livetiles\microsoftsolitaireapplist.targetsize-256_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\assets\skypetile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\linkedinboxsmalltile.scale-125.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\s_illuemptystatedcfiles_280x192.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\img\core_icons_fw.png svchost.exe File created C:\program files\videolan\vlc\locale\pt_pt\lc_messages\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsfeedbackhub_1.1612.10312.0_neutral_split.scale-125_8wekyb3d8bbwe\appxblockmap.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\va_60x42.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-files\js\nls\de-de\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\mainpagestate2\dailychallenge_bp_920.jpg svchost.exe File created C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\assets\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowsapps\microsoft.windows.photos_2016.511.9510.0_neutral_~_8wekyb3d8bbwe\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowspowershell\modules\pester\3.4.0\snippets\shouldexist.snippets.ps1xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.starclub\assets\animation\coins out burst_00018.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenoteapplist.targetsize-48.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\linkedinboxbadge.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\appxmetadata\codeintegrity.cat svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\voicerecorderapplist.targetsize-20_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\assets\video.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\s_folder-default_32.svg svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\core\dev\nls\pt-br\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\google\chrome\application\81.0.4044.129\locales\tr.pak svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_neutral_split.scale-100_8wekyb3d8bbwe\appxblockmap.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\assets\navigationicons\nav_icons_home.targetsize-48.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\createpdfupsell-app\js\nls\eu-es\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\exchangesmalltile.scale-150.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\combinepdf\js\nls\root\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\search-summary\js\nls\it-it\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-openide-actions_ja.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\timersmalltile.contrast-white_scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\manifestassets\contrast-black\square44x44logo.targetsize-256.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\insiderhubwidetile.scale-100_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.zunemusic_10.16112.11621.0_neutral_resources.scale-125_8wekyb3d8bbwe\appxblockmap.xml svchost.exe File created C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-black\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\8041_32x32x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\fj_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\mg_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\linkedinboxsmalltile.scale-150.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\js\nls\de-de\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\rna-main.js svchost.exe File created C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsfeedbackhub_1.1612.10312.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenoteapplist.targetsize-48_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\6924_20x20x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_neutral_~_8wekyb3d8bbwe\appxsignature.p7x svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.dailychallenges\assets\popups\upsell\dont_ask_check.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-white\mapsapplist.targetsize-36.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\tracker\end_review.gif svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorapplist.contrast-black_scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\voicerecorderapplist.contrast-white_targetsize-256.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\de_get.svg svchost.exe File opened for modification C:\program files (x86)\windowspowershell\modules\pester\3.4.0\nunit_schema_2.5.xsd svchost.exe File opened for modification C:\program files\windows defender\thirdpartynotices.txt svchost.exe File created C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_neutral_split.scale-100_kzf8qxf38zg5c\skypeapp\assets\images\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\ob-preview\js\nls\es-es\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\sl_get.svg svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\js\nls\pt-br\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.win32.win32.x86_64.nl_ja_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\images\stickers\sticker_moustache.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\logos\square44x44\paintapplist.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\assets\windowsicons\windowscameraapplist.contrast-white_targetsize-30.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\10146_20x20x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\car\rtl\smalltile.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\next-arrow-default.svg svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer\js\nls\root\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\common files\system\msadc\en-us\msaddsr.dll.mui svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\worldclocklargetile.contrast-white_scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_x64__8wekyb3d8bbwe\assets\badgelogo1.targetsize-36.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themepreview\effects\stars.jpg svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\files\dev\nls\sv-se\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.equinox.p2.rcp.feature_1.2.0.v20140523-0116\license.html svchost.exe File opened for modification C:\program files\videolan\vlc\locale\fr\lc_messages\vlc.mo svchost.exe File created C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\apptiles\contrast-black\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\search-summary\css\main-selector.css svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\large\party.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\vc_60x42.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\desktop-connector-files\js\nls\ro-ro\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-core_zh_cn.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\mainpagestate2\klondike_bp_920.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\yt_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorapplist.targetsize-16_altform-unplated_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\applist.targetsize-24.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.storepurchaseapp_1.0.454.0_neutral_~_8wekyb3d8bbwe\appxsignature.p7x svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\assets\gamesxboxhubapplist.targetsize-80_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\content\mobile\en-us\doc_offline_getconnected.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\gameplayassets\localization\localized_pl-pl.respack svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\alarmsapplist.targetsize-40_altform-unplated.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\js\nls\en-il\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\resource\font\pfm\zy______.pfm svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftofficehub_17.8010.5926.0_x64__8wekyb3d8bbwe\xmloffkeys\keys_offver11.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\6701_20x20x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\resources\topicpage\partnerjs\retaildemo.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_x64__8wekyb3d8bbwe\assets\contrast-black\peopleapplist.targetsize-96.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\8041_32x32x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\contrast-white\widelogo.scale-100_contrast-white.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\jre\lib\jvm.hprof.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\embossbitmaps\plus_icon.png svchost.exe File created C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\appxmetadata\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\windowspowershell\modules\pester\3.4.0\functions\testdrive.tests.ps1 svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\linkedinboxlargetile.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\combinepdf\images\themes\dark\rhp_world_icon_2x.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sample-files\js\nls\zh-cn\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\images\adobe_spinner.gif svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\by_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\linkedinboxsmalltile.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\combinepdf\js\nls\da-dk\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\editpdf\js\nls\fr-ma\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer\images\icons.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoft3dviewer_1.1702.21039.0_x64__8wekyb3d8bbwe\assets\images\tiles\splashscreen.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\logos\storelogo\paintapplist.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxa-yahoo-dark.scale-150.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-recent-files\js\nls\fi-fi\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\ob-preview\images\themeless\optimize_poster.jpg svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.apache.felix.gogo.command_0.10.0.v201209301215.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weathericons\30x30\192.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\sy_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxa-generic-light.scale-250.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\appxsignature.p7x svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoft3dviewer_1.1702.21039.0_x64__8wekyb3d8bbwe\_resources\index.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\maps.backgroundtasks.winmd svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\js\nls\ca-es\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\spacer\8px.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\awards\tripeaks\peak_jumper_.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxcalendarapplist.targetsize-72.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\file_types\sendforsignature.svg svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\js\nls\ca-es\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\internet explorer\ie9props.propdesc svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\winxpblutsframe.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\assets\gamesxboxhubapplist.scale-100_contrast-high.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\s_anonymoususer_24.svg svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-core-io-ui_zh_cn.jar svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\reviews\js\nls\pt-br\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowscamera_2017.125.40.0_neutral_split.scale-200_8wekyb3d8bbwe\resources.pri svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\reviews\images\s_thumbnailview_18.svg svchost.exe File created C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_neutral_split.scale-125_8wekyb3d8bbwe\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\alarmslargetile.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\acrobat_visual.svg svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\task-handler\js\nls\sv-se\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\js\nls\root\ui-strings.js svchost.exe File opened for modification C:\program files\windows media player\en-us\wmpnetwk.exe.mui svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftstickynotes_1.4.101.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\square150x150logo.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\large\sweating.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\uss-search\js\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.rjmx.ui.zh_cn_5.5.0.165303.jar svchost.exe File opened for modification C:\program files\java\jre1.8.0_66\lib\hijrah-config-umalqura.properties svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_neutral_split.scale-150_8wekyb3d8bbwe\assets\starttile.sad.small.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\awards\spider\web_surfing_.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\plug_ins\escript.api svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\core\dev\nls\es-es\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sign-services-auth\js\nls\en-ae\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\walk-through\js\nls\pt-br\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-netbeans-core-execution.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\6478_40x40x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenotesectiongroupsmalltile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_neutral_split.scale-180_8wekyb3d8bbwe\assets\office\planecutmove.scale-180.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.xboxapp_25.25.13009.0_neutral_split.scale-200_8wekyb3d8bbwe\appxmanifest.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\apppackageapplist.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\6478_32x32x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\assets\insiderhubapplist.targetsize-64_contrast-black.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\s_filter-dark-focus_32.svg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\work\ltr\contrast-black\largetile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\jm_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\alarmsapplist.contrast-black_targetsize-20_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\assets\insiderhubapplist.targetsize-32_altform-unplated_contrast-black.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-files\js\nls\pl-pl\ui-strings.js svchost.exe File created C:\program files (x86)\windows media player\media renderer\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.console_1.1.0.v20140131-1639.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenoteapplist.scale-100.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-recent-files\js\nls\fr-ma\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\unified-share\images\s_radio_unselected_18.svg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\2_48x48x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\exchangewidetile.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\generic-rhp-app\js\nls\root\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\google\chrome\application\81.0.4044.129\locales\ta.pak svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\core\core.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.xaml.toolkit\assets\buttons\back\back-over.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypehost.winmd svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\app\dev\nls\es-es\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\unified-share\images\themes\dark\s_radio_selected_18.svg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenotepagemedtile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\large\hi.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\send-for-sign\images\themes\dark\caution.svg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxcalendarapplist.scale-150.png svchost.exe File created C:\program files (x86)\windowspowershell\modules\pester\3.4.0\en-us\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-modules-options-api_zh_cn.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_neutral_~_8wekyb3d8bbwe\appxmetadata\appxbundlemanifest.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\assets\audio\incomingcall.wma svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\jm_60x42.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer\images\new_icons.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\appxmetadata\codeintegrity.cat svchost.exe File opened for modification C:\program files\videolan\vlc\lua\intf\luac.luac svchost.exe File opened for modification C:\program files\windowsapps\microsoft.advertising.xaml_10.0.1605.0_x86__8wekyb3d8bbwe\appxmetadata\codeintegrity.cat svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_x64__8wekyb3d8bbwe\tee\fr-fr.phonenumber.sms.model svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\images\stickers\sticker_planet.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\small\smile.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\8576_20x20x32.png svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\home\ltr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\voicerecorderapplist.contrast-white_targetsize-60.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\s_auditreport_18.svg svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\activity-badge\js\nls\da-dk\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.starclub\assets\animation\crown-animation.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\alarmslargetile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxidentityprovider_11.19.19003.0_x64__8wekyb3d8bbwe\assets\fallback.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\pages-app\js\nls\nb-no\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\windowspowershell\modules\pester\3.4.0\functions\assertions\containexactly.ps1 svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.mbeanbrowser.ja_5.5.0.165303.jar svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\profiler\modules\locale\org-netbeans-lib-profiler-common_ja.jar svchost.exe File created C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weatherimages\210x173\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\au_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_neutral_resources.scale-150_8wekyb3d8bbwe\assets\contrast-black\movie-tvstorelogo.scale-150_contrast-black.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\activity-badge\js\nls\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\home\rtl\contrast-black\largetile.scale-200.png svchost.exe File opened for modification C:\program files\common files\system\msadc\adcvbs.inc svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\326_32x32x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\linkedinboxmediumtile.scale-125.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\s_illudcfilesempty_180x180.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\add-account\js\nls\zh-tw\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer\js\nls\nl-nl\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\fsdefinitions\main\zh-changjei.xml svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-netbeans-modules-applemenu.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\10178_40x40x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\7205_24x24x32.png svchost.exe File created C:\program files\windowspowershell\modules\packagemanagement\1.0.0.1\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\ob-preview\js\nls\cs-cz\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sample-files\js\nls\fr-fr\ui-strings.js svchost.exe File created C:\program files (x86)\google\chrome\application\dictionaries\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxa-advanced-dark.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxcalendarbadge.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\apptiles\mapsapplist.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\car\ltr\medtile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.xboxapp_25.25.13009.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\gamesxboxhubsmalltile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\awards\common\well-played_unearned_small.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\appxsignature.p7x svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenotenotebookwidetile.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\large\waiting.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\s_illunointernetconnection_120x80.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\adc_logo.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\reviews\images\themes\dark\nub.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\resources.pri svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contactphoto.scale-180.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\microsoftaccount.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\images\printandshare\glyph_0xea23.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer-select\js\nls\fi-fi\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\homebanner.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\localized_images\ja-jp\appstore_icon.svg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_neutral_split.scale-180_8wekyb3d8bbwe\assets\office\clone.scale-180.png svchost.exe File created C:\program files\windowsapps\microsoft.messaging_3.2.24002.0_neutral_~_8wekyb3d8bbwe\appxmetadata\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\contrast-black\applist.targetsize-256_altform-unplated_contrast-black.png svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.starclub\assets\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themepreview\effects\inner glow.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.event_1.3.100.v20140115-1647.jar svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\car\rtl\contrast-white\medtile.scale-125.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\search-summary\js\nls\en-gb\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\db\3rdparty svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-netbeans-swing-tabcontrol.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenoteapplist.scale-150.png svchost.exe File created C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.help_2.0.102.v20141007-2301\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\insiderhubwidetile.scale-100_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxgameoverlay_1.15.2003.0_neutral_~_8wekyb3d8bbwe\appxmetadata\appxbundlemanifest.xml svchost.exe File created C:\program files\windowsapps\microsoft.people_10.1.10531.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\contrast-white\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\assets\photoslogoextensions.targetsize-16.png svchost.exe File opened for modification C:\program files (x86)\windowspowershell\modules\pester\3.4.0\pester.tests.ps1 svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\livetiles\microsoftsolitaireapplist.targetsize-20_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\9724_20x20x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxa-generic-dark.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\ob-preview\js\nls\zh-cn\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\meta-inf\eclipse_.sf svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\work\contrast-black\medtile.scale-100.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\license.html svchost.exe File created C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\configuration\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\communityservicesprovider.winmd svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\rs_60x42.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\uss-search\js\nls\ja-jp\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\audio\menuclose_d.wav svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\icons\hprof-16.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-netbeans-modules-queries.xml svchost.exe File created C:\program files\windows media player\skins\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\alarmssplashscreen.contrast-white_scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.advertising.xaml_10.0.1605.0_x86__8wekyb3d8bbwe\appxblockmap.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\images\stickers\thumbnails\sticker_icon_lightning_bolt.png svchost.exe File created C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_neutral_split.scale-100_8wekyb3d8bbwe\lumia.viewerplugin\assets\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxa-advanced-dark.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_2017.130.1208.0_neutral_~_8wekyb3d8bbwe\appxsignature.p7x svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\ob-preview\js\nls\fi-fi\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\signatures\images\nub.png svchost.exe File opened for modification C:\program files (x86)\common files\microsoft shared\ink\en-us\tabtip32.exe.mui svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\contrast-white\apppackageapplist.targetsize-16_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_neutral_split.scale-150_8wekyb3d8bbwe\assets\starttile.surprise.scale-150.png svchost.exe File created C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_x64__8wekyb3d8bbwe\_resources\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\assets\images\moji_mask.contrast-white.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\task-handler\js\nls\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\windowspowershell\modules\pester\3.4.0\en-us\about_pester.help.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\popup\pop_up_i.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\combinepdf\js\nls\de-de\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jre1.8.0_66\lib\cmm\gray.pf svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\contrast-black\apppackagesplashscreen.scale-100_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\contrast-black\peopleapplist.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\jp_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\genericmaillargetile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxa-outlook.scale-150.png svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\appxmetadata\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\7-zip\lang\ky.txt svchost.exe File created C:\program files\java\jdk1.8.0_66\jre\lib\ext\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.xboxapp_25.25.13009.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\gamesxboxhubbadgelogo.scale-125_contrast-high.png svchost.exe File created C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\apptiles\contrast-white\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\assets\gamesxboxhubapplist.targetsize-48_altform-unplated.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\viewer\nls\fi-fi\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\uss-search\js\nls\nl-nl\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\7-zip\lang\eo.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-modules-keyring-fallback_ja.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\beach\beach_12d.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\apptiles\mapsapplist.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\voices\en-in\en-in_female_tts\ruleset_en-in_tts.lua svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\uss-search\js\plugin.js svchost.exe File created C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\images\stickers\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\exchangelargetile.scale-150.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\ob-preview\js\nls\fr-fr\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\images\stickers\thumbnails\sticker_icon_hexagon.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\assets\photosstorelogo.contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorapplist.contrast-black_targetsize-24.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\close.svg svchost.exe File opened for modification C:\program files\videolan\vlc\lua\playlist\dailymotion.luac svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.zunemusic_10.16112.11621.0_neutral_resources.scale-125_8wekyb3d8bbwe\assets\contrast-white\largelogo.scale-125_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\audio\dcfireworks_e.wav svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_neutral_split.scale-100_8wekyb3d8bbwe\appxmanifest.xml svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\ob-preview\js\nls\it-it\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenotenotebookwidetile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenotereplaycrosshairicon-1.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\assets\lockscreenbadgelogo.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxcalendarsplashlogo.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxa-advanced-light.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\activity-badge\js\nls\fi-fi\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\stopwatchmedtile.contrast-white_scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\autumn\autumn_10h.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\beach\beach_1h.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\al_60x42.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\digsig\js\nls\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\resource\cmap\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\awards\spider\itsy_bitsy_spider_unearned_small.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\car\ltr\contrast-black\widetile.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\add-account\js\nls\eu-es\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\ob-preview\js\nls\eu-es\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\microsoft.cameraapp.richjpgbgtaskentry.winmd svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\reviews\images\themes\dark\dd_arrow_small.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\s_opencarat_18.svg svchost.exe File created C:\program files (x86)\windowspowershell\modules\microsoft.powershell.operation.validation\1.0.1\test\modules\example3.diagnostics\1.1.1\diagnostics\simple\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\common files\microsoft shared\msinfo\en-us\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\8080_20x20x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\3569_32x32x32.png svchost.exe File opened for modification C:\program files (x86)\common files\adobe\reader\dc\linguistics\providers\plugins2\adobehunspellplugin\dictionaries\en_us\en_us.dic svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.swt.win32.win32.x86_64_3.103.1.v20140903-1947.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\5313_24x24x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\pg_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\appxmanifest.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\home\medtile.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\digsig\js\nls\ro-ro\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\google\chrome\application\81.0.4044.129\locales\mr.pak svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.emf.common_2.10.1.v20140901-1043\feature.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\contrast-white\apppackageapplist.targetsize-24_contrast-white.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-files\js\nls\cs-cz\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\js\nls\zh-cn\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\classic\classic_1s.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\pages\winrthost.htm svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\home\images\themes\dark\new_icons.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\western\mask\13h.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\car\ltr\contrast-white\smalltile.scale-100.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\desktop-connector-files\js\nls\cs-cz\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\digsig\js\nls\fr-fr\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_neutral_split.scale-200_8wekyb3d8bbwe\assets\getstartedsmalltile.scale-200_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\appxblockmap.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\applist.targetsize-80_altform-unplated.png svchost.exe File opened for modification C:\program files\common files\system\ado\adojavas.inc svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weatherimages\423x173\91.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\ch_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\calculatorlargetile.contrast-white_scale-100.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-recent-files-select\js\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\common files\microsoft shared\ink\pt-br\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\common files\system\ado\en-us\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\meta-inf\eclipse_.sf svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-lib-uihandler_ja.jar svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-netbeans-modules-spi-actions.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\resources.pri svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\pdf-ownership-rdr-de_de_2x.gif svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.dailychallenges\assets\progressbar\progressback.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\logos\square44x44\paintapplist.targetsize-256.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\7205_48x48x32.png svchost.exe File created C:\program files\windows media player\media renderer\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weathericons\30x30\200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\assets\windowsicons\windowscameraapplist.contrast-black_targetsize-60.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\img\faf_icons_retina.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-files\js\nls\ko-kr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\livetiles\microsoftsolitaireapplist.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\gameplayassets\freecell\respacks\gameplayfreecell.respack svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\kz_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxmailapplist.targetsize-20.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\work\rtl\contrast-black\smalltile.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\selection-actions2x.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.swt_3.103.1.v20140903-1938.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\2875_40x40x32.png svchost.exe File opened for modification C:\program files (x86)\windows nt\tabletextservice\tabletextserviceyi.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_neutral_split.scale-200_8wekyb3d8bbwe\assets\getstartedwidetile.scale-200_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\bl_16x11.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sample-files\js\nls\ja-jp\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\alarmmdl2.ttf svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\place\rtl\contrast-white\smalltile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\_resources\index.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer-select\js\nls\it-it\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxa-outlook.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\assets\insiderhubapplist.targetsize-96_altform-unplated_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\gameplayassets\localization\localized_eu-es.respack svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\1914_20x20x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxmailsplashlogo.scale-100.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\acrolayoutrecognizer\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\profiler\lib\jfluid-server.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\office\emboss.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\audio\slide_in.wav svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxa-yahoo-light.scale-300.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\assets\gamesxboxhublargetile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\contrast-black\applist.targetsize-36_contrast-black.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\core\dev\nls\zh-tw\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxa-advanced-light.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-white\storebadgelogo.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxspeechtotextoverlay_1.14.2002.0_x64__8wekyb3d8bbwe\assets\gamesxboxhubmedtile.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\createpdfupsell-app\js\nls\zh-tw\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\send-for-sign\js\nls\ru-ru\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\videolan\vlc\locale\af\lc_messages\vlc.mo svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\assets\photosapplist.contrast-white_targetsize-256.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-files\js\nls\fi-fi\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\assets\images\computer_black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\small\cool.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\car\ltr\contrast-black\smalltile.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\acroapp\enu\moretools.aapp svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\file_types\themes\dark\s_filetype_xd.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\signatures\js\nls\pl-pl\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\common files\system\ole db\en-us\sqloledb.rll.mui svchost.exe File opened for modification C:\program files (x86)\windowspowershell\modules\pester\3.4.0\pester.psd1 svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\contrast-white\oneconnectmedtile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\assets\windowsicons\windowscameraapplist.contrast-black_targetsize-30.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\apptiles\contrast-white\storebadgelogo.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\1249_72x72x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenotenotebooklargetile.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxmailsmalltile.scale-100.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\files\dev\nls\tr-tr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\app-center\js\nls\nb-no\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\send-for-sign\js\nls\fr-ma\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\windows media player\media renderer\connectionmanager_dmr.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\604_32x32x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\home\contrast-white\medtile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\applist.targetsize-16.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\images\themeless\playstore\ko_get.svg svchost.exe File opened for modification C:\program files\7-zip\lang\mk.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\howtoplay\freecell\goal_4.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\livetiles\microsoftsolitaireapplist.targetsize-16_altform-unplated.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\s_history_18.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\activity-badge\js\nls\pt-br\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\place\rtl\widetile.scale-125.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\add-account\js\nls\en-ae\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\desktop-connector-files\js\nls\hu-hu\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.dailychallenges\assets\animation\coin particles.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxcalendarapplist.targetsize-64.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weatherimages\210x173\10.jpg svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-files\js\nls\nl-nl\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\mozilla firefox\removed-files svchost.exe File opened for modification C:\program files\videolan\vlc\locale\an\lc_messages\vlc.mo svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.xboxapp_25.25.13009.0_neutral_split.scale-200_8wekyb3d8bbwe\assets\gamesxboxhublargetile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\texturebitmaps\medwood.jpg svchost.exe File opened for modification C:\program files\videolan\vlc\skins\winamp2.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxmailapplist.targetsize-80.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer-select\css\main-selector.css svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\images\themeless\playstore\iw_get.svg svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\images\email\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftstickynotes_1.4.101.0_neutral_~_8wekyb3d8bbwe\appxblockmap.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\pf_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\hn_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\place\ltr\contrast-black\smalltile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\assets\notification.send.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.zunevideo_10.16112.11601.0_neutral_resources.scale-200_8wekyb3d8bbwe\assets\contrast-black\applist.scale-200_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\dailychallenges\popup\fue3_image.jpg svchost.exe File opened for modification C:\program files\windowspowershell\modules\pester\3.4.0\build.psake.ps1 svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-files\js\nls\uk-ua\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\howtoplay\tripeaks\goal_6.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxa-exchange.scale-200.png svchost.exe File opened for modification C:\program files\windowspowershell\modules\microsoft.powershell.operation.validation\1.0.1\diagnostics\simple\simple.tests.ps1 svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\files\dev\nls\pt-br\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowscalculator_10.1702.312.0_neutral_split.scale-125_8wekyb3d8bbwe\resources.pri svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\texturebitmaps\paperbag.jpg svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\starclub\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\sounds\speedlimitviolationalert.wav svchost.exe File created C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\microsoft.xbox.smartglass.controls\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowsapps\microsoft.windowscalculator_2017.131.1904.0_neutral_~_8wekyb3d8bbwe\appxmetadata\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\js\nls\fr-fr\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_neutral_split.scale-100_8wekyb3d8bbwe\appxsignature.p7x svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\assets\photosapplist.targetsize-16_altform-colorize.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\place\rtl\medtile.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\img\tools\themes\dark\dot_2x.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\ob-preview\js\nls\en-il\ui-strings.js svchost.exe File created C:\program files\windowsapps\deletedalluserpackages\microsoft.windowssoundrecorder_10.1702.301.0_neutral_split.scale-200_8wekyb3d8bbwe\assets\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\apppackageapplist.targetsize-20.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_x64__8wekyb3d8bbwe\assets\starttile.dualsim2.wink.scale-200.png svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\buttons\fullscreen\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_2015.7668.58071.0_neutral_~_8wekyb3d8bbwe\appxsignature.p7x svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\com.jrockit.mc.rcp.product_5.5.0.165303\feature.xml svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\alarmsmedtile.contrast-white_scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxa-yahoo-light.scale-400.png svchost.exe File created C:\program files\common files\microsoft shared\ink\nb-no\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.browser_5.5.0.165303.jar svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.zunevideo_10.16112.11601.0_neutral_resources.scale-125_8wekyb3d8bbwe\assets\contrast-white\smalllogo.scale-125_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\1851_40x40x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorapplist.targetsize-16.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\applist.targetsize-48.png svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\ru-ru\tipresx.dll.mui svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\catalog\keychain.3mf svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\workflow\icon_finish.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\search-summary\js\nls\eu-es\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_ja_4.4.0.v20140623020002\eclipse_update_120.jpg svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-modules-templates_ja.jar svchost.exe File opened for modification C:\program files\readtrace.easmx svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\beach\mask\12d.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\7656_32x32x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-black\mapsapplist.targetsize-36_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_2017.130.1208.0_neutral_~_8wekyb3d8bbwe\appxblockmap.xml svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\files\dev\nls\zh-cn\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-recent-files\js\nls\nb-no\ui-strings.js svchost.exe File created C:\program files\common files\microsoft shared\ink\fsdefinitions\main\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\jumbo\mask\1d.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftstickynotes_1.4.101.0_x64__8wekyb3d8bbwe\_resources\1.rsrc svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_2017.222.1920.0_neutral_~_8wekyb3d8bbwe\appxsignature.p7x svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer-select\js\nls\ca-es\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\win7.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_x64__8wekyb3d8bbwe\assets\starttile.sad.small.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themecreation\tile_base.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\2653_20x20x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\5671_40x40x32.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\images\sat_logo_2x.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\jre\lib\security\local_policy.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.advertising.xaml_10.0.1605.0_x86__8wekyb3d8bbwe\resources.pri svchost.exe File created C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\css\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowspowershell\modules\microsoft.powershell.operation.validation\1.0.1\test\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer\images\s_empty_folder_state.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\unified-share\js\nls\ja-jp\ui-strings.js svchost.exe File created C:\program files (x86)\google\chrome\application\81.0.4044.129\widevinecdm\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\windowspowershell\modules\pester\3.4.0\functions\assertions\contain.tests.ps1 svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\audio\dcgoalpopup_a.wav svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\aquarium\aquarium_1c.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxmailsmalltile.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\app\dev\nls\fr-ma\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\combinepdf\js\nls\pt-br\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\combinepdf\js\nls\sk-sk\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.operations.nl_zh_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowscalculator_10.1702.312.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\calculatorsmalltile.contrast-black_scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\assets\insiderhubapplist.targetsize-20_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_2017.113.1250.0_neutral_~_8wekyb3d8bbwe\appxmetadata\appxbundlemanifest.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\976_24x24x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_neutral_split.scale-100_8wekyb3d8bbwe\lumia.viewerplugin\assets\iconopeninrefocus.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\voices\en-us\en-us_female_tts\prompts_en-us_tts.lua svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\localized_images\it-it\playstore_icon.svg svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\include\win32\bridge\accessbridgecalls.h svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxa-generic-light.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxmailapplist.targetsize-72.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\activity-badge\js\nls\de-de\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\s_illuerror_136x136.svg svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\core\dev\nls\de-de\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\desktop-connector-files\js\nls\uk-ua\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\desktop-connector-files-select\js\plugin.js svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowssoundrecorder_10.1702.301.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\voicerecordermedtile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_neutral_split.scale-140_8wekyb3d8bbwe\assets\office\booleanmerge.scale-140.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\core_icons.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\digsig\js\nls\hr-hr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_neutral_split.scale-200_8wekyb3d8bbwe\appxblockmap.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\outlookmailmediumtile.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowscamera_2017.125.40.0_neutral_split.scale-125_8wekyb3d8bbwe\appxmanifest.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.advertising.xaml_10.0.1605.0_x64__8wekyb3d8bbwe\appxmanifest.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxa-yahoo-dark.scale-400.png svchost.exe File opened for modification C:\program files\videolan\vlc\locale\cs\lc_messages\vlc.mo svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\contrast-black\applist.targetsize-32_contrast-black.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer\js\nls\ro-ro\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxa-generic-light.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_x64__8wekyb3d8bbwe\tee\it-it.phonenumber.sms.model svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\assets\apptiles\storeapplist.targetsize-72_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxidentityprovider_11.19.19003.0_x64__8wekyb3d8bbwe\assets\storelogo.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\manifestassets\contrast-black\square44x44logo.targetsize-16.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\tournament\levelindicator.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\small\tumbleweed.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-white\mapsapplist.targetsize-30.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\combinepdf\js\nls\sk-sk\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\home\js\nls\nb-no\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\org-netbeans-modules-core-kit.jar svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_neutral_~_8wekyb3d8bbwe\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\buttons\solve\autosolve_button_over.mobile.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\xboxcontrol\avatar-mask.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\alarmsapplist.targetsize-24_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_neutral_resources.scale-150_8wekyb3d8bbwe\assets\contrast-white\widelogo.scale-150_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\sm_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\mn_16x11.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\add-account\images\icons.png svchost.exe File created C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\meta-inf\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\autumn\mask\11c.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer\js\nls\eu-es\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\search-summary\js\nls\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\work\ltr\contrast-black\largetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.net.native.runtime.1.4_1.4.24201.0_x64__8wekyb3d8bbwe\appxsignature.p7x svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenoteapplist.targetsize-64_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\car\ltr\contrast-white\smalltile.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\activity-badge\css\main.css svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\unified-share\images\themes\dark\info.png svchost.exe File opened for modification C:\program files (x86)\common files\adobe\reader\dc\linguistics\providers\plugins2\adobehunspellplugin\dictionaries\en_us\en_us.aff svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-openide-modules.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_neutral_split.scale-150_8wekyb3d8bbwe\assets\starttile.dualsim2.surprise.small.scale-150.png svchost.exe File created C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_x64__8wekyb3d8bbwe\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\large\yawning.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\applist.targetsize-32_altform-unplated.png svchost.exe File opened for modification C:\program files (x86)\windowspowershell\modules\pester\3.4.0\readme.md svchost.exe File created C:\program files\common files\microsoft shared\ink\es-mx\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\js\nls\sk-sk\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\catalog\shape_hexagon.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\tr_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\cl_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\genericmailmediumtile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\voicerecorderapplist.contrast-black_targetsize-60.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\video_offline_demo_page3.jpg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\dd_arrow_small.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\assets\getstartedwidetile.scale-100_contrast-black.png svchost.exe File created C:\program files\windowsapps\microsoft.net.native.runtime.1.4_1.4.24201.0_x86__8wekyb3d8bbwe\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\autumn\autumn_13d.png svchost.exe File opened for modification C:\program files\videolan\vlc\locale\ta\lc_messages\vlc.mo svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\outlookmailbadge.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\contrast-white\applist.targetsize-256_contrast-white.png svchost.exe File opened for modification C:\program files (x86)\windowspowershell\modules\pester\3.4.0\functions\in.ps1 svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\apptiles\weather_badgelogo.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_x64__8wekyb3d8bbwe\tee\en-us.phonenumber.sms.ot svchost.exe File created C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_x64__8wekyb3d8bbwe\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenotesplashlogo.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\contrast-white\oneconnectsmalltile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\previewmaillist.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\home\ltr\contrast-white\largetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\dailychallenges\icons\freecell.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\maplighttheme.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\reviews\js\selector.js svchost.exe File created C:\program files (x86)\common files\adobe\reader\dc\linguistics\providers\plugins2\adobehunspellplugin\supplementaldictionaries\en_us\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxmailsplashlogo.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\images\share_icons.png svchost.exe File opened for modification C:\program files\windows nt\tabletextservice\tabletextserviceamharic.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\plug_ins\ppklite.api svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\office\planecutkeepboth.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_x64__8wekyb3d8bbwe\microsoft.system.package.metadata\resources.657511a0.pri svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\assets\splashscreen.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\assets\photoslargetile.contrast-white_scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\7336_20x20x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\outlookmailsmalltile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\images\ratings\yelp2.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\img\tools\themes\dark\dot.cur svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\unified-share\js\nls\sk-sk\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.xaml.toolkit\assets\xboxcontrol\xbox-press.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\5601_40x40x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\swipeteachingcalloutimage.layoutdir-rtl.gif svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\contrast-black\applist.targetsize-20_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_neutral_resources.scale-150_8wekyb3d8bbwe\appxmanifest.xml svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-netbeans-core-multitabs.xml svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\profiler\modules\org-netbeans-modules-profiler-selector-ui.jar svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsfeedbackhub_1.1612.10312.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\insiderhubsplashsquaretile.scale-125_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxmailapplist.targetsize-256_altform-unplated.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\search-summary\js\nls\hr-hr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\gameend_background_symbols.jpg svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\microsoft.system.package.metadata\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\adobe_spinner.gif svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\version.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-api-progress_zh_cn.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_neutral_split.scale-100_kzf8qxf38zg5c\skypeapp\assets\highfive.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorapplist.targetsize-36_altform-unplated_contrast-white.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\combinepdf\js\nls\ru-ru\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\org-netbeans-modules-progress-ui.jar svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\awards\spider\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowspowershell\modules\psreadline\1.2\psreadline.psd1 svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer-select\js\nls\tr-tr\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\plugin.properties svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\sharpdxengine\rendering\shaders\builtin\bin\lightedtextured_pixellighting_vs.fxo svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\linkedinboxbadge.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\home\contrast-black\smalltile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windows.photos_16.511.8780.0_neutral_split.scale-125_8wekyb3d8bbwe\lumia.viewerplugin\assets\iconeditrichcapture.contrast-high_scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\contrast-black\splashscreen.scale-100_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\aquarium\aquarium_cardback.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\autumn\autumn_11s.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\jscripts\winrthost.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\alarmsapplist.contrast-white_targetsize-30_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxcalendarapplist.targetsize-72_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\contrast-black\applist.targetsize-36_contrast-black.png svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_neutral_~_8wekyb3d8bbwe\appxmetadata\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\mactsframe.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_neutral_resources.scale-150_8wekyb3d8bbwe\assets\contrast-black\splashscreen.scale-150_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\traffichub\widetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.advertising.xaml_10.0.1605.0_x86__8wekyb3d8bbwe\microsoft.advertising.winmd svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\assets\getstartedapplist.targetsize-32_altform-unplated_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\beach\beach_11h.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\unified-share\images\themes\dark\s_close2x.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\icons\file_obj.gif svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_x64__8wekyb3d8bbwe\assets\starttile.dualsim1.smile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\li_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\3007_32x32x32.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.zunemusic_10.16112.11621.0_neutral_resources.scale-200_8wekyb3d8bbwe\assets\smalllogo.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\genericmaillargetile.scale-400.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\s_ellipses_selected.svg svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\files\dev\nls\hu-hu\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\place\contrast-white\medtile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\sk_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxmailapplist.targetsize-256.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftstickynotes_1.4.101.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\square71x71logo.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\pt_16x11.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\editpdf\images\themes\dark\example_icons.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_neutral_split.scale-140_8wekyb3d8bbwe\assets\office\booleanintersect.scale-140.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxcalendarsplashlogo.scale-300.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\assets\gamesxboxhubsplashscreen.scale-100_contrast-high.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\add-account\js\nls\en-ae\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\add-account\js\nls\zh-tw\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\windows nt\tabletextservice\tabletextserviceamharic.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.core.net.nl_ja_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\resources.pri svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\assets\getstartedsmalltile.scale-100_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_neutral_~_kzf8qxf38zg5c\appxblockmap.xml svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\resource\typesupport\unicode\mappings\mac\roman.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\classic\classic_11s.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\models\en-us.phonenumber.ot svchost.exe File created C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\contrast-white\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\assets\getstartedapplist.targetsize-16_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\images\stickers\thumbnails\sticker_icon_glasses.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\exchangelargetile.scale-200.png svchost.exe File created C:\program files\windowspowershell\modules\microsoft.powershell.operation.validation\1.0.1\diagnostics\simple\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\add-account\js\nls\ro-ro\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\common files\microsoft shared\ink\de-de\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowsapps\deletedalluserpackages\microsoft.windowscamera_2017.125.40.0_neutral_split.scale-200_8wekyb3d8bbwe\assets\windowsicons\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\winstore.vui.winmd svchost.exe File created C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\xboxapp.resource\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\s_invite_24.svg svchost.exe File opened for modification C:\program files (x86)\google\chrome\application\81.0.4044.129\locales\nb.pak svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\db\bin\ij svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenotesplashlogo.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\7336_40x40x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxmailapplist.targetsize-64.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\jre\thirdpartylicensereadme.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxcalendarbadge.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxa-generic-light.scale-100.png svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\fsdefinitions\osknumpad.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.advertising.xaml_10.0.1605.0_x86__8wekyb3d8bbwe\microsoft.advertising\bootstrap.html svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\apptiles\contrast-black\mapswidetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.zunemusic_10.16112.11621.0_neutral_resources.scale-200_8wekyb3d8bbwe\assets\contrast-white\splashscreen.scale-200_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxcalendarapplist.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\app-center\js\nls\eu-es\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.rcp_4.4.0.v20141007-2301\feature.xml svchost.exe File opened for modification C:\program files\java\jre1.8.0_66\lib\ext\sunec.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\vo_16x11.png svchost.exe File created C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-black\storeapplist.targetsize-80.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\createpdfupsell-app\images\rhp_world_icon_hover_2x.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\img\tools\dot_2x.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\reviews\js\nls\cs-cz\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\db\lib\derbylocale_fr.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\splashscreen.scale-100.png svchost.exe File created C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\place\ltr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weathericons\30x30\156.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\vi_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\collections\medtile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\images\ratings\yelp4.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\_resources\0.rsrc svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\send-for-sign\js\nls\it-it\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-modules-options-api_ja.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\aquarium\aquarium_11c.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_neutral_resources.scale-150_8wekyb3d8bbwe\assets\contrast-black\widelogo.scale-150_contrast-black.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\jre\lib\flavormap.properties svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.core_2.3.0.v20131211-1531.jar svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-attach_ja.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\bd_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\photosapp\assets\thirdpartynotices\thirdpartynotices.html svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\voicerecorderapplist.contrast-black_targetsize-24.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_neutral_split.scale-200_8wekyb3d8bbwe\assets\getstartedlargetile.scale-200_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\appxmanifest.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_neutral_resources.scale-150_8wekyb3d8bbwe\assets\contrast-black\largelogo.scale-150_contrast-black.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\libs\require\2.1.15\require.min.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\small\facepalm.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\sg_16x11.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\digsig\js\nls\ko-kr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\contrast-white\apppackageapplist.scale-125_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_x64__8wekyb3d8bbwe\assets\toast.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftofficehub_17.8010.5926.0_x64__8wekyb3d8bbwe\images\officehublogo_310x150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\howtoplay\freecell\goal_1.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\contrast-white\peoplewidetile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\sk_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\stopwatchmedtile.scale-200.png svchost.exe File created C:\program files\common files\microsoft shared\vsto\10.0\1033\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\mozilla firefox\browser\visualelements\visualelements_150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\assets\gamesxboxhubapplist.targetsize-80.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\plug_ins\acroform\pmp\qrcode.pmp svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\editpdf\js\nls\cs-cz\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-recent-files\js\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sign-services-auth\js\plugin.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.e4.ui.di_1.0.0.v20140328-2112.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftstickynotes_1.4.101.0_x64__8wekyb3d8bbwe\assets\preview.scale-200_layoutdir-ltr.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenotenotebookwidetile.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\apptiles\mapsapplist.targetsize-80.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\applist.targetsize-20_altform-unplated.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer-select\js\nls\sk-sk\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\uss-search\js\nls\ja-jp\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\ipssrl.xml svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\ob-preview\images\themeless\compare_poster.jpg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\signatures\js\selector.js svchost.exe File opened for modification C:\program files\videolan\vlc\locale\ar\lc_messages\vlc.mo svchost.exe File opened for modification C:\program files\videolan\vlc\lua\playlist\cue.luac svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_x64__8wekyb3d8bbwe\appxblockmap.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\6416_40x40x32.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\resource\font\pfm\zx______.pfm svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxa-exchange.scale-250.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\apptiles\mapsapplist.targetsize-72.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\fill-sign-2x.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\walk-through\images\themes\dark\help.svg svchost.exe File created C:\program files\videolan\vlc\locale\mr\lc_messages\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\voicerecorderapplist.targetsize-40.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\signatures\js\nls\da-dk\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\common files\system\ado\en-us\msader15.dll.mui svchost.exe File opened for modification C:\program files (x86)\windows media player\media renderer\dmr_120.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\contrast-white\apppackageapplist.targetsize-96_contrast-white.png svchost.exe File created C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\lumia.viewerplugin\relivesurfaces\video\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\assets\gamesxboxhubsmalltile.scale-100_contrast-white.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\digsig\js\nls\cs-cz\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\js\nls\pt-br\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\home\images\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\traffichub\contrast-black\smalltile.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\digsig\images\s_radio_unselected_18.svg svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.touchpoint.eclipse.nl_ja_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\java\jre1.8.0_66\lib\cmm\srgb.pf svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_x64__8wekyb3d8bbwe\assets\badgelogo1.targetsize-54.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenotesectiongroupsmalltile.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\genericmaillargetile.scale-125.png svchost.exe File opened for modification C:\program files\windowspowershell\modules\pester\3.4.0\functions\inmodulescope.tests.ps1 svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\aicuc\js\nls\nl-nl\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\search-summary\js\nls\root\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\common files\microsoft shared\ink\en-us\inkobj.dll.mui svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\contrast-black\apppackagemedtile.scale-100_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.net.native.framework.1.3_1.3.24201.0_x64__8wekyb3d8bbwe\appxblockmap.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenotesectionwidetile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\me_60x42.png svchost.exe File created C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\contrast-black\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\editpdf\js\nls\sv-se\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\js\nls\ja-jp\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenoteapplist.targetsize-96_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\small\dull.png svchost.exe File created C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_neutral_resources.scale-150_8wekyb3d8bbwe\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\desktop-connector-files\js\nls\en-gb\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\send-for-sign\images\core_icons.png svchost.exe File opened for modification C:\program files\videolan\vlc\locale\it\lc_messages\vlc.mo svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\work\ltr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\contrast-white\applist.targetsize-32_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\assets\getstartedapplist.targetsize-20_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\gameend\gameend_redstrip_center.png svchost.exe File opened for modification C:\program files (x86)\windowspowershell\modules\microsoft.powershell.operation.validation\1.0.1\diagnostics\comprehensive\comprehensive.tests.ps1 svchost.exe File opened for modification C:\program files (x86)\windowspowershell\modules\pester\3.4.0\snippets\shouldmatch.snippets.ps1xml svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.zunemusic_10.16112.11621.0_neutral_resources.scale-125_8wekyb3d8bbwe\assets\contrast-black\applist.scale-125_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\sd_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\alarmsapplist.contrast-black_targetsize-20.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\s_editpdf_18.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\js\nls\zh-cn\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\google\chrome\application\81.0.4044.129\widevinecdm\license svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.historicaldata.zh_cn_5.5.0.165303.jar svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-sa_ja.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\gameplayassets\localization\localized_cs-cz.respack svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\traffichub\widetile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\place\smalltile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\contrast-white\splashscreen.scale-100_contrast-white.png svchost.exe File created C:\program files\common files\microsoft shared\ink\et-ee\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\voicerecordersmalltile.scale-100.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.help.webapp.nl_zh_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\mainpage\goldicon.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxa-generic-dark.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\holoassets\hololens_surfacereconstruction.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\appxblockmap.xml svchost.exe File created C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\car\rtl\contrast-black\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\mainpagestate2\starclub_bp_920.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\7316_32x32x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\genericmaillargetile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-white\storeapplist.targetsize-30.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\pages-app\js\nls\sv-se\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\splashscreen.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\voices\en-us\en-us_female_tts\platform_format.lua svchost.exe File opened for modification C:\program files\java\jre1.8.0_66\lib\sound.properties svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\apptiles\contrast-white\mapsstorelogo.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\7296_32x32x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\genericmailbadge.scale-400.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\searchemail.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\app\dev\nls\fr-fr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\signatures\js\nls\en-gb\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weather_logosmall.targetsize-24_altform-unplated.png svchost.exe File created C:\program files\windowsapps\microsoft.desktopappinstaller_1.1.25002.0_neutral_~_8wekyb3d8bbwe\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\place\rtl\contrast-white\largetile.scale-100.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\packager.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\awards\common\first_one’s_free_.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themepreview\effects\snow.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenotesectionsmalltile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\assets\images\avatar_group_large.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxmailmediumtile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\voicerecorderlogoextensions.targetsize-20.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\reviews\js\nls\nb-no\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\generic-rhp-app\images\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\download_on_the_app_store_badge_ko_135x40.svg svchost.exe File opened for modification C:\program files (x86)\common files\system\ado\msado20.tlb svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\work\contrast-white\largetile.scale-200.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\app\dev\nls\da-dk\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\signatures\js\nls\fi-fi\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\livetiles\microsoftsolitaireapplist.targetsize-60_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxmailwidetile.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\home\smalltile.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer\images\themes\dark\icons.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.advertising.xaml_10.0.1605.0_x64__8wekyb3d8bbwe\appxsignature.p7x svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\worldclockmedtile.contrast-white_scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\5601_32x32x32.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\s_anonymoususer_24.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\digsig\images\digsig_icons.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer\js\nls\he-il\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\unified-share\js\nls\zh-cn\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\add-account\js\selector.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-recent-files\js\nls\uk-ua\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftstickynotes_1.4.101.0_x64__8wekyb3d8bbwe\microsoft.applications.telemetry.windows.winmd svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\logos\wide310x150\paintwidetile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\assets\skypeapplist.targetsize-32_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\ps_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\cm_16x11.png svchost.exe File opened for modification C:\program files\windowspowershell\modules\pester\3.4.0\functions\assertions\begreaterthan.ps1 svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\acrocef\copying.lgplv2.1.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-openide-text_ja.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\fileextension.targetsize-20.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\files\dev\nls\en-gb\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer\images\icons_retina.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-files\js\nls\ca-es\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\contrast-white\apppackagesmalltile.scale-200_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\howtoplay\klondike\control_1.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\cr_16x11.png svchost.exe File created C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weatherimages\423x173\2.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_x64__8wekyb3d8bbwe\tee\en-us.phonenumber.sms.model svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxa-yahoo-dark.scale-100.png svchost.exe File opened for modification C:\program files\windowspowershell\modules\pester\3.4.0\readme.md svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\classic\mask\11d.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\7357_40x40x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_x64__8wekyb3d8bbwe\assets\contrast-white\oneconnectlargetile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorapplist.targetsize-30_altform-unplated_contrast-black.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\editpdf\js\nls\sl-si\ui-strings.js svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\car\ltr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windows media player\en-us\wmpnscfg.exe.mui svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\app\dev\nls\nb-no\ui-strings.js svchost.exe File created C:\program files (x86)\common files\system\msadc\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\gameplayassets\localization\localized_hr-hr.respack svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\8577_32x32x32.png svchost.exe File created C:\program files\windowspowershell\modules\powershellget\1.0.0.1\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\jre\lib\security\javaws.policy svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\home\ltr\contrast-black\widetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\mz_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\assets\photosapplist.contrast-black_targetsize-96.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\_resources\10.rsrc svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsfeedbackhub_1.1612.10312.0_neutral_split.scale-125_8wekyb3d8bbwe\appxmanifest.xml svchost.exe File created C:\program files\windowsapps\microsoft.microsoft3dviewer_1.1702.21039.0_x64__8wekyb3d8bbwe\assets\fonts\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\outlookmailsmalltile.scale-100.png svchost.exe File opened for modification C:\program files (x86)\common files\system\ole db\sqloledb.rll svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_x64__8wekyb3d8bbwe\tee\en-us.postaladdress.model svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\8201_48x48x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\small\bug.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\genericmailbadge.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\unified-share\images\themes\dark\info2x.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.apache.commons.logging_1.1.1.v201101211721.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\assets\photosapplist.targetsize-64_altform-unplated_contrast-white.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\file_types\acrobat_pdf.svg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\alarmsapplist.contrast-white_targetsize-20_altform-unplated.png svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\traffichub\contrast-white\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\place\ltr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\combinepdf\images\themes\dark\example_icons2x.png svchost.exe File created C:\program files\windowsapps\deletedalluserpackages\microsoft.windowscamera_2017.125.40.0_neutral_split.scale-125_8wekyb3d8bbwe\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\combinepdf\images\rhp_world_icon_hover.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\img\tools\@1x\[email protected] svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-files\js\nls\fr-ma\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\fues\popup_4-5.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\pa_60x42.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-recent-files\js\nls\root\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\4627_24x24x32.png svchost.exe File created C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_neutral_~_8wekyb3d8bbwe\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\js\nls\fi-fi\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.rjmx.ext_5.5.0.165303.jar svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\org-netbeans-core-multitabs.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\awards\common\well-played_.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenotepagewidetile.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\69_24x24x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxa-yahoo-light.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\outlookmailwidetile.scale-125.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\localized_images\ja-jp\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themecreation\change.png svchost.exe File created C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\5671_32x32x32.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\pages-app\css\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\resource\font\myriadpro-boldit.otf svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\images\ratings\yelp7.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\small\brokenheart.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\assets\insiderhublargetile.scale-200_contrast-white.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\createpdfupsell-app\js\nls\ca-es\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\meta-inf\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowscamera_2017.125.40.0_neutral_split.scale-200_8wekyb3d8bbwe\assets\windowsicons\windowscameramedtile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\manifestassets\contrast-black\square310x310logo.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\small\mmm.png svchost.exe File created C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\resources\retaildemo\strings\en-us\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_neutral_resources.scale-150_8wekyb3d8bbwe\assets\contrast-white\logo.scale-150_contrast-white.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\img\tools\@1x\[email protected] svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\appxclickhandler.winmd svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer\js\nls\hu-hu\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-host-views.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\images\stickers\sticker_sunglasses.png svchost.exe File opened for modification C:\program files\common files\microsoft shared\stationery\garden.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\ir_60x42.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\add-account\js\nls\uk-ua\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\et_get.svg svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\beach\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_x64__8wekyb3d8bbwe\storeratingpromotion.winmd svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\co_60x42.png svchost.exe File created C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\contrast\contrast-black\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\apptiles\contrast-white\weather_logosmall.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\awards\klondike\mining_for_gold_.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\4665_48x48x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\ar_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\alarmsapplist.contrast-black_targetsize-60_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windows.photos_16.511.8780.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\photosapplist.contrast-white_scale-125.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\createpdfupsell-app\js\nls\fr-fr\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\createpdfupsell-app\js\nls\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer-select\js\nls\hu-hu\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenotemediumtile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\genericmailwidetile.scale-100.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\core\dev\nls\ru-ru\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\images\themeless\playstore\id_get.svg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\assets\windowsicons\windowscameraapplist.targetsize-64_altform-unplated_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxmailapplist.scale-400.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\app\dev\nls\zh-tw\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-white\mapsapplist.targetsize-60.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\musicstorelogo.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\check-mark-1x.png svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\languagemodel\chstic.dgml svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\epl-v10.html svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-tools_ja.jar svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.skypeapp_11.8.204.0_neutral_split.scale-125_kzf8qxf38zg5c\appxsignature.p7x svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\outlookmailsmalltile.scale-150.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\core\dev\nls\it-it\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\js\nls\ko-kr\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-netbeans-modules-keyring.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenotesplashlogo.scale-300.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxcalendarapplist.scale-125.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\s_signed_out.svg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.874.0_neutral_~_8wekyb3d8bbwe\appxblockmap.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\resources.pri svchost.exe File created C:\program files (x86)\windowspowershell\modules\powershellget\1.0.0.1\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_neutral_split.scale-125_8wekyb3d8bbwe\appxblockmap.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\assets\gamesxboxhubapplist.targetsize-30_altform-unplated_contrast-high.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\stopwatchmedtile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxmailsmalltile.scale-150.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\createpdfupsell-app\js\nls\sv-se\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxmailsmalltile.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-white\mapsapplist.targetsize-32_altform-unplated_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-white\storeapplist.targetsize-40.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\home\js\nls\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorlargetile.contrast-black_scale-200.png svchost.exe File opened for modification C:\program files\common files\system\ado\msado25.tlb svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\js\nls\ca-es\ui-strings.js svchost.exe File created C:\program files\windowsapps\deletedalluserpackages\microsoft.zunemusic_10.16112.11621.0_neutral_resources.scale-125_8wekyb3d8bbwe\assets\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\genericmailsmalltile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxcalendarsplashlogo.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\_resources\20.rsrc svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\awards\klondike\blizzard-of_bliss_.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\home\contrast-white\smalltile.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\images\sat_logo.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\assets\getstartedapplist.targetsize-72_altform-unplated_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenoteapplist.targetsize-48_altform-unplated.png svchost.exe File created C:\program files\java\jdk1.8.0_66\jre\bin\dtplugin\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\thirdpartylicensereadme-javafx.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\appxmetadata\codeintegrity.cat svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\contrast-black\apppackageapplist.targetsize-30_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\assets\getstartedapplist.targetsize-256.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\contrast-black\applist.targetsize-30_contrast-black.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\hi_contrast\core_icons__retina_hicontrast_bow.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\apppackageapplist.targetsize-30_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\daily_challenge.jpg svchost.exe File created C:\program files (x86)\windowspowershell\modules\pester\3.4.0\snippets\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\common files\microsoft shared\clicktorun\frequentofficeupdateschedule.xml svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_ja_4.4.0.v20140623020002\license.html svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\contrast-black\apppackagewidetile.scale-100_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\livetiles\microsoftsolitaireapplist.targetsize-24_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_neutral_split.scale-100_8wekyb3d8bbwe\resources.pri svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\ag_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\to_16x11.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\add-account\js\nls\sl-si\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sign-services-auth\js\nls\it-it\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxcalendarapplist.targetsize-256.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\img\core_icons_retina.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\images\themeless\appstore\download_on_the_app_store_badge_zh_cn_135x40.svg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\aquarium\aquarium_13h.png svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\place\contrast-white\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\assets\apptiles\storelargetile.scale-200.png svchost.exe File opened for modification C:\program files (x86)\google\chrome\application\81.0.4044.129\locales\en-us.pak svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_neutral_split.scale-200_8wekyb3d8bbwe\appxmanifest.xml svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\editpdf\js\nls\nb-no\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-profiler_zh_cn.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_x64__8wekyb3d8bbwe\assets\sounds\delete_contact.wav svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\voicerecorderapplist.contrast-black_targetsize-60_altform-unplated.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\tracker\rss.gif svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\config.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer\js\nls\eu-es\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenotenotebookwidetile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\69_32x32x32.png svchost.exe File created C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\telemetryrules\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\org-netbeans-core-ui.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\tournament\gamemodespider.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\alarmsapplist.contrast-black_targetsize-24_altform-unplated.png svchost.exe File created C:\program files (x86)\windowspowershell\modules\powershellget\1.0.0.1\en-us\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\include\win32\bridge\accessbridgecalls.c svchost.exe File opened for modification C:\program files\videolan\vlc\lua\playlist\vocaroo.luac svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\nu_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxa-yahoo-dark.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxmailapplist.targetsize-20_altform-unplated.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\aicuc\js\plugins\rhp\exportpdf-rna-tool-view.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\desktop-connector-files\js\nls\tr-tr\ui-strings.js svchost.exe File created C:\program files (x86)\google\update\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\small\time.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\yt_16x11.png svchost.exe File opened for modification C:\program files (x86)\common files\system\msadc\en-us\msadcor.dll.mui svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\voicerecorderapplist.contrast-white_targetsize-64.png svchost.exe File opened for modification C:\program files (x86)\windows defender\en-us\mpasdesc.dll.mui svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\jconsole.jar svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-jmx.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\4665_40x40x32.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\acrobat_parcel_generic_32.svg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\content\desktop\en-gb\doc_offline_narrator.xml svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\large_trefoil_2x.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\s_organize_18.svg svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-files\js\nls\pl-pl\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-modules-keyring_ja.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\apptiles\mapsapplist.targetsize-20.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\bg_get.svg svchost.exe File opened for modification C:\program files\videolan\vlc\locale\sk\lc_messages\vlc.mo svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themecreation\autumndeck4.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\worldclocklargetile.contrast-black_scale-200.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\task-handler\js\nls\nb-no\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\alarmsapplist.targetsize-80_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxa-exchange.scale-300.png svchost.exe File created C:\program files\windowsapps\microsoft.xboxspeechtotextoverlay_1.14.2002.0_neutral_~_8wekyb3d8bbwe\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\files\dev\nls\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\pages-app\js\nls\root\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\jre\lib\security\trusted.libraries svchost.exe File created C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\apptiles\mapssmalltile.scale-100.png svchost.exe File opened for modification C:\program files\windowspowershell\modules\pester\3.4.0\snippets\shouldnotbe.snippets.ps1xml svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\dd_arrow_small.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\localized_images\es-es\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\videolan\vlc\locale\bn_in\lc_messages\vlc.mo svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowscamera_2017.125.40.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\windowsicons\windowscameraapplist.contrast-white_scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenotesectionmedtile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenotesectiongroupsmalltile.scale-150.png svchost.exe File opened for modification C:\program files\windowspowershell\modules\microsoft.powershell.operation.validation\1.0.1\microsoft.powershell.operation.validation.format.ps1xml svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\cs-cz\tipresx.dll.mui svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\manifestassets\contrast-white\square44x44logo.targetsize-16_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\11891_24x24x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\7357_32x32x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.wallet_1.0.16328.0_x64__8wekyb3d8bbwe\index.html svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\js\nls\fi-fi\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\signatures\images\themes\dark\nub.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\gs_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.xaml.toolkit\assets\xboxcontrol\user_icon-up.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenotesectionwidetile.scale-400.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\add-account\images\themes\dark\bg_patterns_header.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-jvmstat_zh_cn.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxcalendarwidetile.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\back-arrow-focus.svg svchost.exe File created C:\program files\common files\microsoft shared\ink\fsdefinitions\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.workbench_3.106.1.v20140827-1737.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\buttons\solve\autosolve_button_up.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftstickynotes_1.4.101.0_neutral_split.scale-100_8wekyb3d8bbwe\appxblockmap.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\sl_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxa-outlook.scale-250.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\car\rtl\largetile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_neutral_split.scale-150_8wekyb3d8bbwe\assets\widelogo.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\images\stickers\thumbnails\sticker_icon_pigear.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\6478_20x20x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\assets\gamesxboxhubapplist.targetsize-48_altform-unplated_contrast-white.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\app-center\js\nls\fi-fi\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.update.configurator_3.3.300.v20140518-1928.jar svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.xboxapp_25.25.13009.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\gamesxboxhubwidetile.scale-125_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\dj_60x42.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\exportpdfupsell-app\js\nls\sv-se\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\send-for-sign\js\nls\ca-es\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\uss-search\js\nls\sv-se\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\google\chrome\application\81.0.4044.129\locales\fa.pak svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftofficehub_17.8010.5926.0_x64__8wekyb3d8bbwe\office.odf svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\3009_20x20x32.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\com.jrockit.mc.feature.core_5.5.0.165303\feature.xml svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.zunemusic_10.16112.11621.0_neutral_resources.scale-200_8wekyb3d8bbwe\assets\contrast-white\iheart-radio.scale-200_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenotesectiongroupwidetile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftstickynotes_1.4.101.0_x64__8wekyb3d8bbwe\appxsignature.p7x svchost.exe File created C:\program files (x86)\common files\adobe\reader\dc\linguistics\providers\plugins2\adobehunspellplugin\dictionaries\en_gb\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\include\jvmticmlr.h svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-uisupport.jar svchost.exe File opened for modification C:\program files\java\jre1.8.0_66\lib\javaws.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenotesectiongroupsmalltile.scale-150.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\close.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowssoundrecorder_10.1702.301.0_neutral_split.scale-125_8wekyb3d8bbwe\resources.pri svchost.exe File created C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\logos\square44x44\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_2016.511.9510.0_neutral_~_8wekyb3d8bbwe\appxmetadata\appxbundlemanifest.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_neutral_resources.scale-150_8wekyb3d8bbwe\assets\contrast-black\applist.scale-150_contrast-black.png svchost.exe File opened for modification C:\program files\common files\microsoft shared\stationery\handprints.jpg svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\timerlargetile.contrast-black_scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\apppackageapplist.targetsize-72_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\apptiles\mapsapplist.targetsize-80_altform-unplated.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\search-summary\js\nls\sv-se\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\sharpdxengine\rendering\shaders\builtin\hlsl\functions.fx svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\4665_20x20x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\assets\photosapplist.targetsize-32_altform-fullcolor.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\home\contrast-white\medtile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\assets\getstartedlargetile.scale-100_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\10393_36x36x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_x64__8wekyb3d8bbwe\assets\contrast-white\peopleapplist.targetsize-40.png svchost.exe File created C:\program files\windowsapps\microsoft.zunevideo_2019.16112.11601.0_neutral_~_8wekyb3d8bbwe\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\jre\license svchost.exe File opened for modification C:\program files\videolan\vlc\skins\skin.catalog svchost.exe File created C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_neutral_~_8wekyb3d8bbwe\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\background_gradient_2.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themecreation\effects\effects_lobby_stars.jpg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\img\themes\dark\core_icons_fw.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sign-services-auth\js\nls\en-il\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\unified-share\js\nls\fi-fi\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.zunevideo_10.16112.11601.0_neutral_resources.scale-125_8wekyb3d8bbwe\assets\applist.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\insiderhubsplashscreen.scale-100_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\images\stickers\thumbnails\sticker_icon_4_point_star.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\images\stickers\thumbnails\sticker_icon_thought_bubble.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\resources\fonts\segmvr2.ttf svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\download.svg svchost.exe File created C:\program files\videolan\vlc\locale\ka\lc_messages\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\large\hug.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\lumia.videotk\invertcoloreffectps_uv.cso svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\reviews\images\share_icons2x.png svchost.exe File opened for modification C:\program files\7-zip\lang\ku-ckb.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\appxblockmap.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weatherimages\210x173\0.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\western\western_12h.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftstickynotes_1.4.101.0_x64__8wekyb3d8bbwe\microsoft.stickynotes.views\images\frown.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\lumia.videotk\passthroughps_bgra.cso svchost.exe File opened for modification C:\program files\windowspowershell\modules\pester\3.4.0\snippets\it.snippets.ps1xml svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sign-services-auth\js\nls\sl-si\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\mainpage\mainpage_more_awards.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\videos\help\roundedfreehand3d.mp4 svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\img\themes\dark\faf_field_grabber.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.rcp.application_5.5.0.165303.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\small\movie.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer-select\js\plugin.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\send-for-sign\js\nls\zh-tw\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\unified-share\js\nls\fr-ma\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoft3dviewer_1.1702.21039.0_x64__8wekyb3d8bbwe\appxsignature.p7x svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\images\stickers\sticker_eyebrow.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\assets\skypeapplist.targetsize-16_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\assets\photosapplist.targetsize-40_altform-unplated.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\home\js\nls\nb-no\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer\js\nls\zh-cn\ui-strings.js svchost.exe File created C:\program files (x86)\reference assemblies\microsoft\framework\v3.0\redistlist\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\sqlitewrapper.winmd svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.starclub\assets\difficultystar.png svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\place\ltr\contrast-white\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\core_icons_retina.png svchost.exe File created C:\program files\windows defender advanced threat protection\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\search-summary\js\nls\pt-br\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\gl_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxa-advanced-light.scale-150.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\generic-rhp-app\js\nls\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.zunemusic_10.16112.11621.0_neutral_resources.scale-200_8wekyb3d8bbwe\assets\contrast-black\applist.scale-200_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\ax_16x11.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.core.net_1.2.200.v20140124-2013.jar svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\timermedtile.contrast-black_scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\assets\insiderhubapplist.targetsize-256_altform-unplated_contrast-black.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\tracker\reviews_joined.gif svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\fsdefinitions\osknumpad\osknumpadbase.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\apppackageapplist.targetsize-36.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\2210_20x20x32.png svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\work\contrast-white\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxidentityprovider_11.19.19003.0_x64__8wekyb3d8bbwe\assets\smalllogo.png svchost.exe File created C:\program files (x86)\common files\adobe\reader\dc\linguistics\providers\plugins2\adobehunspellplugin\dictionaries\en_ca\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\windowspowershell\modules\pester\3.4.0\functions\assertions\belike.ps1 svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\premium_background_icon.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.browser.attach_5.5.0.165303.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\place\ltr\smalltile.scale-200.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\search-summary\js\nls\sl-sl\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\videolan\vlc\locale\tet\lc_messages\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowsapps\deletedalluserpackages\microsoft.skypeapp_11.8.204.0_neutral_split.scale-125_kzf8qxf38zg5c\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\_resources\10.rsrc svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_x64__8wekyb3d8bbwe\assets\contrast-black\oneconnectwidetile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\small\doh.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\cx_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\lumia.viewerplugin\compositesurface\compositecontrol.xaml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\car\rtl\contrast-black\medtile.scale-200.png svchost.exe File opened for modification C:\program files\windowspowershell\modules\microsoft.powershell.operation.validation\1.0.1\test\modules\example3.diagnostics\2.0.1\diagnostics\simple\example3b.diagnostics.tests.ps1 svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\gameplayassets\localization\localized_sk-sk.respack svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\icons\icon_rate_and_review.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\3838_40x40x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\large\handshake.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxmaillargetile.scale-100.png svchost.exe File opened for modification C:\program files\videolan\vlc\lua\http\css\ui-lightness\images\ui-icons_ffd27a_256x240.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\texturebitmaps\granite.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\voicerecorderapplist.contrast-black_targetsize-20_altform-unplated.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\search-summary\js\nls\uk-ua\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\videolan\vlc\locale\ms\lc_messages\vlc.mo svchost.exe File created C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\traffichub\contrast-black\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\spacer\10px.png svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.dailychallenges\assets\calendar\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\gameplayassets\particles\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\logos\wide310x150\paintwidetile.scale-200.png svchost.exe File opened for modification C:\program files (x86)\google\chrome\application\81.0.4044.129\locales\uk.pak svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\feature.properties svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\home\ltr\contrast-white\medtile.scale-200.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\ob-preview\js\nls\nb-no\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\org-netbeans-modules-settings.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\images\stickers\thumbnails\sticker_icon_pentagon.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\za_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\assets\gamesxboxhubapplist.targetsize-32.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\resource\font\pfm\sy______.pfm svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\be_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxmailsplashlogo.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\place\rtl\contrast-black\largetile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\embossbitmaps\chevron_icon.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\work\rtl\contrast-white\smalltile.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\send-for-sign\js\nls\sv-se\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\do_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\assets\gamesxboxhubapplist.targetsize-30_altform-unplated_contrast-white.png svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\dailychallenges\tile\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\timersmalltile.contrast-black_scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\assets\photosapplist.targetsize-20_altform-colorize.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxcalendarlargetile.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\classic\classic_12c.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\bg6.jpg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\id_get.svg svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.mbeanbrowser.zh_cn_5.5.0.165303.jar svchost.exe File created C:\program files\java\jdk1.8.0_66\lib\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\2875_24x24x32.png svchost.exe File created C:\program files\windowspowershell\modules\microsoft.powershell.operation.validation\1.0.1\test\modules\example1.diagnostics\diagnostics\simple\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\fil_get.svg svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-netbeans-swing-plaf.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_neutral_split.scale-180_8wekyb3d8bbwe\assets\office\resetcoord.scale-180.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\aquarium\aquarium_13s.png svchost.exe File created C:\program files\videolan\vlc\plugins\visualization\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\bb_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxcalendarbadge.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_neutral_split.scale-100_8wekyb3d8bbwe\appxmanifest.xml svchost.exe File opened for modification C:\program files\windowspowershell\modules\pester\3.4.0\functions\assertions\containexactly.ps1 svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\small\heidy.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sample-files\js\nls\es-es\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_x64__8wekyb3d8bbwe\assets\contrast-white\peopleapplist.targetsize-96.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\mo_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\car\ltr\widetile.scale-200.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\js\nls\eu-es\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.core.net.win32.x86_64.nl_zh_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\videolan\vlc\lua\modules\dkjson.luac svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\logos\square71x71\paintsmalltile.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\7739_32x32x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\assets\insiderhubsplashwidetile.scale-200.png svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\ipsesp.xml svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\s_replace_signer_18.svg svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsfeedbackhub_1.1612.10312.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\insiderhubsplashsquaretile.scale-125_contrast-black.png svchost.exe File created C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\resources\topicpage\partnerjs\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\exportpdfupsell-app\js\plugins\rhp\exportpdfupsell-app-tool-view.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\awards\tripeaks\extreme_altitude_unearned_small.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenotewidetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\large\movie.png svchost.exe File opened for modification C:\program files\7-zip\lang\ast.txt svchost.exe File opened for modification C:\program files\protectunregister.3gpp svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowscamera_2017.125.40.0_neutral_split.scale-125_8wekyb3d8bbwe\appxblockmap.xml svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\traffichub\contrast-white\medtile.scale-125.png svchost.exe File created C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\workflow\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenotewidetile.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\apptiles\contrast-black\storeapplist.scale-100.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-modules-keyring-fallback_zh_cn.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\resources\cursorxbox_normal.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\gameplayassets\localization\localized_zh-cn.respack svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\localized_images\pl-pl\playstore_icon.svg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\assets\photosapplist.targetsize-256_altform-unplated_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\voices\beeps\config.lua svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\manifestassets\square44x44logo.targetsize-256_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\th_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\alarmsbadge.contrast-black_scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\createpdfupsell-app\js\nls\zh-cn\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\reviews\js\nls\nb-no\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windows.photos_16.511.8780.0_neutral_split.scale-125_8wekyb3d8bbwe\lumia.viewerplugin\assets\iconeditrichcapture.contrast-white_scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\appxmanifest.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\exchangesmalltile.scale-150.png svchost.exe File created C:\program files\windowsapps\microsoft.xboxapp_2017.113.1250.0_neutral_~_8wekyb3d8bbwe\appxmetadata\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\images\themeless\appstore\download_on_the_app_store_badge_cs_135x40.svg svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\search-summary\js\nls\eu-es\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\jre\lib\ext\cldrdata.jar svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowscamera_2017.125.40.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\windowsicons\windowscamerasplashscreen.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenotenotebooklargetile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\assets\skypelogo.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\um_60x42.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\reviews\images\cstm_brand_preview.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\msasignin.winmd svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-openide-options_zh_cn.jar svchost.exe File created C:\program files\videolan\vlc\locale\ar\lc_messages\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\cortanaplaces.winmd svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sign-services-auth\js\nls\root\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\jre\lib\amd64\jvm.cfg svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-sampler.jar svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\home\rtl\contrast-black\largetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_neutral_split.scale-140_8wekyb3d8bbwe\assets\office\projectionspheric.scale-140.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\ax_60x42.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\aicuc\js\nls\fr-fr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_neutral_split.scale-180_8wekyb3d8bbwe\assets\office\planecutkeepbottom.scale-180.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-files\images\themes\dark\icons.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\beach\mask\12h.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\contrast-white\oneconnectsplashscreen.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.xboxapp_25.25.13009.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\gamesxboxhubwidetile.scale-125_contrast-high.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\embossbitmaps\smiley face.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_2017.209.105.0_neutral_~_8wekyb3d8bbwe\appxblockmap.xml svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\createpdfupsell-app\images\rhp_world_icon_hover.png svchost.exe File opened for modification C:\program files\windows media player\en-us\setup_wm.exe.mui svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\8498_40x40x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\small\headbang.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\applist.targetsize-72_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weathericons\30x30\159.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\attribution\foreca.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftofficehub_17.8010.5926.0_x64__8wekyb3d8bbwe\xmloffkeys\keys_offver365.xml svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\microsoft.system.package.metadata\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\js\nls\zh-cn\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jre1.8.0_66\lib\calendars.properties svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\apptiles\contrast-black\mapsmedtile.scale-125.png svchost.exe File created C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\db\lib\derbylocale_ru.jar svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.skypeapp_11.8.204.0_neutral_split.scale-125_kzf8qxf38zg5c\appxmanifest.xml svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\aicuc\js\plugins\selection-action-plugins\cpdf\plugin.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\assets\audio\skype_call_calling.m4a svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\cy_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_2017.131.1904.0_neutral_~_8wekyb3d8bbwe\appxmetadata\appxbundlemanifest.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\10146_32x32x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\assets\gamesxboxhubapplist.targetsize-36_altform-unplated_contrast-high.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\tracker\stop_collection_data.gif svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\search-summary\js\nls\nl-nl\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\lr_16x11.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\combinepdf\images\example_icons.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-files\images\themes\dark\illustrations.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weatherimages\423x173\32.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\bm_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowscalculator_10.1702.312.0_neutral_split.scale-125_8wekyb3d8bbwe\appxblockmap.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\embossbitmaps\plus.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\microsoft.msn.controls\endoflife\assets\farewell.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxcalendarwidetile.scale-200.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\jre\lib\ext\sunec.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\livetiles\microsoftsolitairemedtile.scale-100.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\fable\fable_13h.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.forms.nl_ja_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\microsoftaccount.scale-180.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\createpdfupsell-app\js\nls\de-de\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_x64__8wekyb3d8bbwe\assets\tilebg.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-white\mapssmalltile.scale-200.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\files\dev\nls\nl-nl\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-swing-tabcontrol_ja.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\mainpagebackground.html svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenoteapplist.targetsize-32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\assets\audio\incoming_file.wav svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\small\oliver.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\assets\gamesxboxhubapplist.targetsize-20_altform-unplated_contrast-white.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\img\tools\themes\dark\x_2x.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\send-for-sign\images\cloud_secured_lg.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.equinox.p2.core.feature_1.3.0.v20140523-0116\meta-inf\eclipse_.rsa svchost.exe File created C:\program files\videolan\vlc\plugins\stream_out\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.dailychallenges\assets\prizehistory\badges_silver.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\6767_32x32x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxmailapplist.targetsize-40.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\genericmailmediumtile.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\fileextension.targetsize-24.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\js\nls\en-ae\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.rcp.intro_5.5.0.165303.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\assets\windowsicons\windowscameraapplist.targetsize-32_altform-unplated_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxmailbadge.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxa-generic-light.scale-125.png svchost.exe File created C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\appxmetadata\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowspowershell\modules\pester\3.4.0\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\acroapp\enu\collectsignatures.aapp svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\db\bin\stopnetworkserver.bat svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\livetile\icons_icon_wind_sm.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\coreengine\data\3dbrush\round18-15.wts svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenoteapplist.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\alarmsapplist.contrast-black_targetsize-40_altform-unplated.png svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\voices\beeps\beeps\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\contrast-black\oneconnectapplist.scale-100.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\desktop-connector-files\js\nls\fr-ma\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer-select\css\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-files\images\themes\dark\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\apptiles\mapsapplist.targetsize-40.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\reviews\js\nls\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\sharpdxengine\rendering\shaders\builtin\bin\texturedcolored_vs.fxo svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\cw_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxcalendarapplist.targetsize-60_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\place\widetile.scale-100.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.docs.zh_cn_5.5.0.165303.jar svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\epl-v10.html svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.artifact.repository.nl_zh_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxa-outlook.scale-300.png svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\car\rtl\contrast-black\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\windowspowershell\modules\microsoft.powershell.operation.validation\1.0.1\test\microsoft.powershell.operation.validation.tests.ps1 svchost.exe File opened for modification C:\program files (x86)\windowspowershell\modules\pester\3.4.0\license svchost.exe File created C:\program files\windowsapps\microsoft.microsoft3dviewer_1.1702.21039.0_neutral_~_8wekyb3d8bbwe\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\lc_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\stopwatchmedtile.contrast-white_scale-100.png svchost.exe File opened for modification C:\program files (x86)\common files\microsoft shared\stationery\orange circles.htm svchost.exe File opened for modification C:\program files\videolan\vlc\locale\hy\lc_messages\vlc.mo svchost.exe File opened for modification C:\program files\windows defender advanced threat protection\en-us\mssense.exe.mui svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\voicerecorderapplist.targetsize-64.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\applist.targetsize-64_altform-unplated.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer-select\js\nls\pt-br\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\windowspowershell\modules\powershellget\1.0.0.1\psget.resource.psd1 svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\home\rtl\smalltile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorapplist.contrast-black_targetsize-32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxmailsplashlogo.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\images\themeless\playstore\vi_get.svg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_x64__8wekyb3d8bbwe\microsoft.people.controls.winmd svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\microsoft.bing.client.graph\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\app\dev\nls\zh-cn\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer\js\nls\fr-ma\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer\js\nls\uk-ua\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\gameplayassets\localization\localized_zh-tw.respack svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\microsoft.xaml.interactions.winmd svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\alarmsmedtile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\manifestassets\icon.targetsize-256.png svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.dailychallenges\assets\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\assets\photosapplist.targetsize-256_altform-unplated.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\signatures\js\nls\en-il\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\common files\microsoft shared\ink\en-us\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\common files\microsoft shared\msinfo\en-us\msinfo32.exe.mui svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_neutral_split.scale-150_8wekyb3d8bbwe\assets\starttile.dualsim1.scale-150.png svchost.exe File created C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-black\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\applist.targetsize-96_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\assets\images\generic_placeholder.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-openide-io_ja.jar svchost.exe File created C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\workflow\navcolumn_black\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\contrast-white\oneconnectwidetile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\assets\skypemedtile.scale-200.png svchost.exe File created C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\com.jrockit.mc.feature.console_5.5.0.165303\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\acroapp\enu\epdf_full.aapp svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\s_duplicate_18.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\s_folder-disabled_32.svg svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\exportpdfupsell-app\js\nls\root\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\multi-tab-file-view-2x.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\js\nls\fi-fi\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weathericons\30x30\91.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\assets\audio\skype_call_hold.m4a svchost.exe File opened for modification C:\program files\windowspowershell\modules\pester\3.4.0\build.bat svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\reviews\images\themes\dark\bun.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.osgi.nl_zh_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-profiler.jar svchost.exe File created C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\content\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\ob-preview\js\nls\en-il\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\common files\microsoft shared\stationery\hand prints.htm svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-white\weather_logosmall.targetsize-16.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\car\ltr\contrast-black\largetile.scale-200.png svchost.exe File created C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\_resources\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\img\tools\@1x\[email protected] svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\resource\typesupport\unicode\icu\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.xaml.toolkit\assets\hud\background.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\mainpage\diamondicon.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\assets\gamesxboxhubapplist.targetsize-80_altform-unplated.png svchost.exe File opened for modification C:\program files (x86)\google\chrome\application\81.0.4044.129\visualelements\smalllogo.png svchost.exe File opened for modification C:\program files\submitunlock.ttf svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\collections\smalltile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\assets\getstartedstorelogo.scale-100_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\cv_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\vi_16x11.png svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\hwrenclm.dat svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\apppackagesmalltile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\linkedinboxlargetile.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\desktop-connector-files\js\nls\nl-nl\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\music_offline_demo_page1.jpg svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.swt_0.12.100.v20140530-1436.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\genericmailbadge.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weathericons\30x30\198.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\logos\badgelogo\paintapplist.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\voicerecorderapplist.targetsize-30_altform-unplated.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\s_filter-hover_32.svg svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\icons\diagnostic-command-16.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\images\ratings\yelp6.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenotesectionwidetile.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\large\idea.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\add-account\js\nls\nb-no\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\common files\system\ole db\oledbjvs.inc svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.help_2.0.102.v20141007-2301\feature.properties svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\images\stickers\thumbnails\sticker_icon_bark.png svchost.exe File created C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\livetile\w1.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\1250_72x72x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\sharpdxengine\rendering\shaders\builtin\bin\textured_ps.fxo svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\files\dev\nls\hr-hr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-files\js\nls\fr-fr\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\images\ratings\yelp3.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\assets\gamesxboxhubapplist.targetsize-96_altform-unplated_contrast-high.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer\js\nls\tr-tr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\js\nls\nb-no\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.artifact.repository.nl_ja_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\5601_40x40x32.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\exportpdfupsell-app\images\rhp_world_icon.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\howtoplay\pyramid\control_2.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\mso0127.acl svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\large\drunk.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\large\wink.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\editpdf\images\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer\css\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\en-us\tabskb.dll.mui svchost.exe File opened for modification C:\program files\windowsapps\microsoft.messaging_3.26.24002.0_x64__8wekyb3d8bbwe\_resources\index.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\large\dull_tauri.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_neutral_split.scale-100_8wekyb3d8bbwe\lumia.viewerplugin\assets\iconopenincinemagraph.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxmaillargetile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\home\contrast-white\smalltile.scale-100.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\db\lib\derbylocale_pt_br.jar svchost.exe File created C:\program files\windowsapps\deletedalluserpackages\microsoft.zunevideo_10.16112.11601.0_neutral_resources.scale-200_8wekyb3d8bbwe\assets\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\catalog\shape_hexagon.3mf svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\bq_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\2_48x48x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\images\ratings\yelp6.scale-100.png svchost.exe File opened for modification C:\program files (x86)\common files\adobe\reader\dc\linguistics\providers\plugins2\adobehunspellplugin\dictionaries\en_gb\en_gb.aff svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_x64__8wekyb3d8bbwe\microsoft.apps.people.backgroundtasks.winmd svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\outlookmaillargetile.scale-400.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\app-center\css\main.css svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.skypeapp_11.8.204.0_neutral_split.scale-125_kzf8qxf38zg5c\skypeapp\assets\edit_12x12.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\embossbitmaps\wave_icon.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\buttons\undo\undo-over.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\sampleheader\globe32.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\win8-scrollbar\arrow-up.gif svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\jre\lib\psfontj2d.properties svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenotesectiongroupsmalltile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\contrast-white\peopleapplist.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\home\contrast-white\widetile.scale-100.png svchost.exe File created C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\assets\gamesxboxhubapplist.targetsize-16_altform-unplated.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\images\themeless\playstore\sl_get.svg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.dailychallenges\assets\dc_holderearned.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\exchangemediumtile.scale-125.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\img\tools\themes\dark\line_2x.png svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\pl-pl\tipresx.dll.mui svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_neutral_split.scale-140_8wekyb3d8bbwe\assets\office\deselectall.scale-140.png svchost.exe File created C:\program files\windowsapps\microsoft.net.native.runtime.1.4_1.4.24201.0_x86__8wekyb3d8bbwe\microsoft.system.package.metadata\autogen\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\home\largetile.scale-100.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\js\nls\hu-hu\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\windows nt\tabletextservice\tabletextservicedayi.txt svchost.exe File created C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\car\ltr\contrast-white\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\work\smalltile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\8498_32x32x32.png svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\traffichub\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\esl\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\inline-error-2x.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\images\themeless\playstore\fi_get.svg svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\ipsnld.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\office\print.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\7296_20x20x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\assets\photosapplist.contrast-white_targetsize-32.png svchost.exe File opened for modification C:\program files\videolan\vlc\locale\tl\lc_messages\vlc.mo svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\buttons\solve\autosolve_button_up.mobile.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenotesmalltile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\eg_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\kg_16x11.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\images\themeless\playstore\et_get.svg svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\icons\flight_recorder.png svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\home\rtl\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-black\mapsmedtile.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\send-for-sign\images\themes\dark\close.svg svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-attach.xml svchost.exe File created C:\program files\windows nt\accessories\en-us\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowscalculator_10.1702.312.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\calculatorsplashscreen.contrast-black_scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\large\time.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\6486_24x24x32.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\resource\typesupport\unicode\mappings\mac\croatian.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\howtoplay\keyboard1.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\en-us\demonotebook.onepkg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\small\puking.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\en-us\mso.acl svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxcalendarapplist.targetsize-72_altform-unplated.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\app-center\js\nls\hu-hu\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\windows media player\skins\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_neutral_split.scale-180_8wekyb3d8bbwe\assets\office\centerview.scale-180.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorapplist.targetsize-256_altform-unplated_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\place\ltr\contrast-white\widetile.scale-200.png svchost.exe File created C:\program files\java\jdk1.8.0_66\lib\missioncontrol\p2\org.eclipse.equinox.p2.core\cache\binary\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-core-output2_zh_cn.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_x64__8wekyb3d8bbwe\assets\oneconnectapplist.targetsize-72.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_neutral_split.scale-100_kzf8qxf38zg5c\skypeapp\assets\edit_12x12.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\lumia.apptk.nativedirect3d.uap\native3d.texturerenderervertexshader.cso svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-files\js\nls\root\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\ob-preview\js\nls\eu-es\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\linkedinboxlargetile.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\contrast-black\applist.targetsize-16_contrast-black.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\combinepdf\js\nls\ja-jp\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\signatures\js\nls\sv-se\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\uss-search\js\nls\en-ae\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\7-zip\lang\uk.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\appxmetadata\codeintegrity.cat svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\voices\en-gb\en-gb_female_tts\skin_en-gb_female_tts.lua svchost.exe File created C:\program files (x86)\windows nt\tabletextservice\en-us\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\jre\lib\cmm\linear_rgb.pf svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\masterix.gif svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\voices\en-in\en-in_female_tts\skin_en-in_female_tts.lua svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\combinepdf\js\nls\en-il\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\home\images\new_icons_retina.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\pages-app\images\example_icons.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\al_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\voicerecorderapplist.contrast-white_targetsize-80.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\contrast-white\applist.targetsize-16_contrast-white.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\s_illuerror_136x136.svg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxcalendarwidetile.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\directions\home\rtl\medtile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenotenotebooksmalltile.scale-125.png svchost.exe File created C:\program files\windowsapps\microsoft.people_10.1.10531.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\contrast-black\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\fileextension.targetsize-32.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\img\tools\themes\dark\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\insiderhubsplashscreen.scale-100_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\gameplayassets\localization\localized_pt-br.respack svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themedownload\download_bar_base.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\office365logowlockup.scale-180.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\lr_60x42.png svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\place\ltr\contrast-black\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-black\mapswidetile.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\editpdf\js\nls\hu-hu\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer\js\nls\de-de\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\send-for-sign\js\nls\hr-hr\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\js\nls\hu-hu\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\videolan\vlc\lua\http\requests\browse.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_x64__8wekyb3d8bbwe\assets\windowsicons\windowscameraapplist.targetsize-96.png svchost.exe File created C:\program files\common files\microsoft shared\ink\da-dk\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\assets\insiderhubsplashsquaretile.scale-200_contrast-white.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\illustrations.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\lib\boot.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\dailychallenges\lobbytiles\spider_bp_809.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\7656_24x24x32.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\combinepdf\js\nls\ru-ru\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\meta-inf\eclipse.inf svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\feature.xml svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.metadata_2.2.0.v20131211-1531.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\er_60x42.png svchost.exe File created C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxcalendarsplashlogo.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\activity-badge\js\nls\zh-cn\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\resource\typesupport\unicode\mappings\win\cp1253.txt svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\de-de\tipresx.dll.mui svchost.exe File opened for modification C:\program files\videolan\vlc\locale\zh_cn\lc_messages\vlc.mo svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.starclub\assets\stripes\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\genericmailmediumtile.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxmaillargetile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\insiderhubapplist.scale-100_contrast-black.png svchost.exe File opened for modification C:\program files (x86)\google\chrome\application\81.0.4044.129\default_apps\docs.crx svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\lumia.videotk\hueshifteffectps_bgra.cso svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\core\dev\nls\en-ae\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\signatures\images\themes\dark\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\jre\lib\jfxswt.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\aquarium\mask\13h.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\core\dev\nls\ko-kr\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\5601_24x24x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\appxmanifest.xml svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\export.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\app\dev\nls\uk-ua\ui-strings.js svchost.exe File opened for modification C:\program files\7-zip\lang\hr.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorapplist.targetsize-48_altform-colorize.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\genericmailmediumtile.scale-200.png svchost.exe File created C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\js\nls\de-de\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\fsdefinitions\auxpad\auxbase.xml svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowscamera_2017.125.40.0_neutral_split.scale-200_8wekyb3d8bbwe\assets\windowsicons\windowscameraapplist.contrast-black_scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_neutral_split.scale-125_8wekyb3d8bbwe\appxmanifest.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxcalendarapplist.targetsize-32_altform-unplated.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\digsig\js\nls\de-de\ui-strings.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\walk-through\js\nls\en-gb\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_neutral_split.scale-140_8wekyb3d8bbwe\assets\office\clone.scale-140.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\aquarium\mask\12d.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_x64__8wekyb3d8bbwe\assets\oneconnectapplist.targetsize-96.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\la_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\voicerecorderapplist.contrast-black_targetsize-96.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weatherimages\423x173\1.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\5311_48x48x32.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer\css\main-selector.css svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\plugin.properties svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\bg4_thumb.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\place\contrast-white\largetile.scale-200.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-computer-select\js\nls\es-es\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.swt.nl_ja_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\apptiles\mapswidetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_x64__8wekyb3d8bbwe\assets\contrast-white\oneconnectapplist.targetsize-16.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_x64__8wekyb3d8bbwe\appxsignature.p7x svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\stopwatchwidetile.contrast-white_scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\3899_32x32x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\contrast-black\oneconnectsplashscreen.scale-125.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\desktop-connector-files-select\css\main.css svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\unified-share\images\themes\dark\completecheckmark.png svchost.exe File opened for modification C:\program files\common files\microsoft shared\stationery\peacock.htm svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\win-scrollbar\vscroll-thumb.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\digsig\js\nls\nb-no\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\editpdf\js\nls\hu-hu\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\reviews\js\nls\hu-hu\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windows nt\accessories\en-us\wordpad.exe.mui svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\microsoft.cpub.skuinterop.winmd svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\editpdf\images\example_icons2x.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\editpdf\js\nls\fi-fi\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_x64__8wekyb3d8bbwe\assets\contrast-black\oneconnectapplist.targetsize-60.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\contrast-black\peoplesplashscreen.scale-125.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\images\email\dc_logo.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.xboxapp_25.25.13009.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\gamesxboxhublargetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.advertising.xaml_10.0.1605.0_x64__8wekyb3d8bbwe\microsoft.advertising.winmd svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\assets\voice.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\home\js\nls\nl-nl\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.core.databinding.nl_zh_4.4.0.v20140623020002.jar svchost.exe File created C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\1251_36x36x32.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\s_checkbox_partialselected-default_18.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\aicuc\js\plugins\convertpdf-tool-view.js svchost.exe File opened for modification C:\program files\videolan\vlc\lua\playlist\bbc_co_uk.luac svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\awards\challenge\become_a_superstar_.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\unified-share\images\themes\dark\searchemail.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\tg_16x11.png svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.dailychallenges\assets\perfect\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\js\nls\eu-es\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sign-services-auth\js\nls\ko-kr\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_neutral_split.scale-125_8wekyb3d8bbwe\appxblockmap.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscamera_2017.125.40.0_neutral_~_8wekyb3d8bbwe\appxblockmap.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\7260_24x24x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\assets\insiderhubapplist.targetsize-48_altform-unplated_contrast-black.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\pdf-ownership-rdr-fr_fr_2x.gif svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.win32.win32.x86_64_1.1.200.v20141007-2033\about.html svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\western\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsfeedbackhub_1.1612.10312.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\insiderhublargetile.scale-125_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.xboxapp_25.25.13009.0_neutral_split.scale-200_8wekyb3d8bbwe\assets\gamesxboxhublargetile.scale-200_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weathericons\30x30\12.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\resources\topicpage\core_ltr.css svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\hk_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\apptiles\storelargetile.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\js\nls\sl-si\ui-strings.js svchost.exe File created C:\program files\windowsapps\microsoft.net.native.framework.1.3_1.3.24201.0_x64__8wekyb3d8bbwe\appxmetadata\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.zunemusic_10.16112.11621.0_neutral_resources.scale-125_8wekyb3d8bbwe\assets\iheart-radio.scale-125.png svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.dailychallenges\assets\animation\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\assets\photosapplist.targetsize-96.png svchost.exe File created C:\program files\common files\microsoft shared\ink\ru-ru\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.xboxapp_25.25.13009.0_neutral_split.scale-200_8wekyb3d8bbwe\assets\gamesxboxhubmedtile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenotepagemedtile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxmailsmalltile.scale-400.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\s_illuemptystateccfiles_280x192.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\generic-rhp-app\js\plugins\rhp\generic-rhp-app-selector.js svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\search-summary\js\nls\pt-br\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\send-for-sign\images\themes\dark\cloud_secured_lg.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\assets\getstartedapplist.targetsize-48_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftofficehub_17.8010.5926.0_x64__8wekyb3d8bbwe\streammap.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\icons\icon_fullscreen.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\reviews\js\nls\ro-ro\ui-strings.js svchost.exe File opened for modification C:\program files\7-zip\lang\sl.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\dailychallenges\largespidertile.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\assets\photosapplist.contrast-black_targetsize-16.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\contrast-white\applist.targetsize-40_contrast-white.png svchost.exe File created C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\fss\img\themes\dark\adobe_sign_tag.png svchost.exe File created C:\program files (x86)\windowspowershell\modules\pester\3.4.0\functions\assertions\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_zh_4.4.0.v20140623020002\feature.properties svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowscalculator_10.1702.312.0_neutral_split.scale-125_8wekyb3d8bbwe\appxmanifest.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\contrast-black\peoplesmalltile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\assets\insiderhubapplist.targetsize-20_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\voicerecorderapplist.targetsize-48_altform-unplated.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\send-for-sign\js\nls\fi-fi\ui-strings.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-openide-filesystems.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\ao_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.storepurchaseapp_1.0.45.0_x64__8wekyb3d8bbwe\assets\splashscreen.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\hxmailapplist.targetsize-96.png svchost.exe File created C:\program files (x86)\windows nt\tabletextservice\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\catalog\shape_pyramid.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\localized_images\pt-br\playstore_icon.svg svchost.exe File opened for modification C:\program files (x86)\google\chrome\application\81.0.4044.129\locales\te.pak svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.equinox.p2.director.nl_zh_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\autumn\autumn_13s.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\car\ltr\contrast-white\largetile.scale-100.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\jre\lib\images\cursors\win32_movedrop32x32.gif svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowssoundrecorder_10.1702.301.0_neutral_split.scale-200_8wekyb3d8bbwe\assets\voicerecordersmalltile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\office\selectall.scale-100.png svchost.exe File opened for modification C:\program files (x86)\windowspowershell\modules\pester\3.4.0\build.bat svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sign-services-auth\js\nls\ru-ru\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\images\themeless\playstore\fr_get.svg svchost.exe File opened for modification C:\program files\videolan\vlc\locale\ne\lc_messages\vlc.mo svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\gameplayassets\tripeaks\respacks\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxmaillargetile.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\applist.targetsize-48_altform-unplated.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\core\dev\nls\ro-ro\ui-strings.js svchost.exe File opened for modification C:\program files\videolan\vlc\lua\playlist\twitch.luac svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themecreation\export.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\ae_16x11.png svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\fsdefinitions\oskpred.xml svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-modules-autoupdate-services_ja.jar svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-application-views_zh_cn.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weatherimages\210x173\27.jpg svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\awards\tripeaks\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.zunemusic_10.16112.11621.0_neutral_resources.scale-125_8wekyb3d8bbwe\assets\smalllogo.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\gameplayassets\commongameplay.respack svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\ob-preview\images\themeless\redact_poster.jpg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sign-services-auth\js\nls\ro-ro\ui-strings.js svchost.exe File opened for modification C:\program files\java\jre1.8.0_66\lib\deploy\messages_it.properties svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsfeedbackhub_1.1612.10312.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\insiderhubwidetile.scale-125_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\fable\fable_10h.png svchost.exe File created C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\holoassets\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\contrast-white\applist.targetsize-64_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themepreview\backgrounds\beach.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\alarmsapplist.targetsize-256.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxcalendarapplist.targetsize-16.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\js\nls\zh-tw\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\js\plugin.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\assets\getstartedapplist.targetsize-64_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxcalendarapplist.targetsize-72.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\autumn\mask\12s.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\6416_32x32x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\assets\insiderhubapplist.targetsize-40_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\work\ltr\contrast-black\widetile.scale-100.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.rjmx.ja_5.5.0.165303.jar svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.zunemusic_10.16112.11621.0_neutral_resources.scale-125_8wekyb3d8bbwe\assets\contrast-black\largelogo.scale-125_contrast-black.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\s_illunosearchresults_180x160.svg svchost.exe File created C:\program files (x86)\common files\microsoft shared\vsta\pipeline.v10.0\contracts\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\common files\microsoft shared\ink\fr-ca\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-openide-io_zh_cn.jar svchost.exe File opened for modification C:\program files\videolan\vlc\lua\playlist\liveleak.luac svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.zunemusic_10.16112.11621.0_neutral_resources.scale-200_8wekyb3d8bbwe\assets\musicstorelogo.scale-200.png svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_2017.209.105.0_neutral_~_8wekyb3d8bbwe\appxmetadata\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\contrast-black\applist.targetsize-64_altform-unplated_contrast-black.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\s_export_18.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\download_on_the_app_store_badge_da_135x40.svg svchost.exe File opened for modification C:\program files\common files\services\verisign.bmp svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-modules-core-kit_ja.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\nr_60x42.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\editpdf\js\plugins\editpdf-selector.js svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\db\lib\derbylocale_ko_kr.jar svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\org-openide-execution.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.dailychallenges\assets\popups\diamondbadgeearned.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themecreation\lobby_deck_style_western.png svchost.exe File created C:\program files\windowsapps\microsoft.windowsstore_11701.1001.874.0_neutral_~_8wekyb3d8bbwe\appxmetadata\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\unified-share\images\completecheckmark2x.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\fullscreen.svg svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-core-execution_ja.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftofficehub_17.8010.5926.0_x64__8wekyb3d8bbwe\resources.pri svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\sharpdxengine\rendering\shaders\builtin\hlsl\texturedcolored.fx svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\large\nerd.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowssoundrecorder_10.1702.301.0_neutral_split.scale-200_8wekyb3d8bbwe\resources.pri svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxmailapplist.targetsize-30.png svchost.exe File opened for modification C:\program files\videolan\vlc\locale\si\lc_messages\vlc.mo svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\home\js\nls\es-es\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxa-exchange.scale-150.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\files\dev\nls\zh-tw\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\java\jre1.8.0_66\bin\server\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\exchangewidetile.scale-125.png svchost.exe File opened for modification C:\program files\videolan\vlc\locale\sv\lc_messages\vlc.mo svchost.exe File opened for modification C:\program files\windowsapps\microsoft.advertising.xaml_10.0.1605.0_x64__8wekyb3d8bbwe\microsoft.advertising\ormma.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\add-account\js\nls\de-de\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\images\themes\dark\adc_logo.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.zunevideo_10.16112.11601.0_neutral_resources.scale-200_8wekyb3d8bbwe\assets\largelogo.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenotesectiongroupmedtile.scale-400.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\stopwatchsmalltile.contrast-white_scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_neutral_resources.scale-150_8wekyb3d8bbwe\assets\contrast-black\musicstorelogo.scale-150_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\worldclockmedtile.contrast-black_scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\secondarytiles\place\contrast-black\widetile.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\plug_ins\updater.api svchost.exe File created C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\contrast-white\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weather_tilelargesquare.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_neutral_split.scale-200_8wekyb3d8bbwe\assets\getstartedlargetile.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\small\dog.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\large_trefoil.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\desktop-connector-files\js\nls\nl-nl\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\videolan\vlc\lua\http\images\buttons.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\hn_60x42.png svchost.exe File opened for modification C:\program files\common files\microsoft shared\ink\ipsrus.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\5313_40x40x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\large\makeup.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\emoticons\small\happy.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\db\lib\derbyrun.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\contrast-white\weather_logosmall.targetsize-32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.dailychallenges\assets\tab\tabcoming.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\classic\mask\1c.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\pages-app\images\rhp_world_icon_2x.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\assets\getstartedapplist.targetsize-16_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\starclub\star.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenotesectionsmalltile.scale-150.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\timersmalltile.contrast-white_scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\8201_32x32x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_x64__8wekyb3d8bbwe\assets\insiderhubapplist.targetsize-96_contrast-black.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\car\rtl\contrast-white\widetile.scale-100.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\uarrow.gif svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.e4.ui.css.swt.theme.nl_ja_4.4.0.v20140623020002.jar svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\place\rtl\contrast-black\smalltile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-black\onenoteapplist.targetsize-72_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\ga_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.mspaint_1.1702.28017.0_x64__8wekyb3d8bbwe\assets\videos\help\unipulator.mp4 svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\1850_40x40x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\contrast-white\onenotesectionsmalltile.scale-150.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\editpdf.svg svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\exportpdfupsell-app\images\themes\dark\example_icons.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\profiler\modules\org-netbeans-modules-profiler-attach.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\apppackageapplist.targetsize-20_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\howtoplay\freecell\tips_2.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_x64__8wekyb3d8bbwe\assets\contrast-white\oneconnectsplashscreen.scale-200.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\car\ltr\contrast-black\medtile.scale-100.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\unified-share\images\addressbook2x.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\tm_60x42.png svchost.exe File opened for modification C:\program files\windowspowershell\modules\pester\3.4.0\functions\assertions\be.ps1 svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\combinepdf\images\rhp_world_icon_2x.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\ob-preview\js\nls\pl-pl\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\unified-share\images\themes\dark\searchemail2x.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sign-services-auth\js\nls\cs-cz\ui-strings.js svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\sign-services-auth\js\nls\zh-tw\ui-strings.js svchost.exe File created C:\program files\videolan\vlc\locale\bg\lc_messages\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\images\themeless\fill-sign.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.commands_5.5.0.165303.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\7260_20x20x32.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\s_folder-focus_32.svg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxmailsplashlogo.scale-200.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\plug_ins\acroform\pmp\datamatrix.pmp svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\scan-files\images\themeless\appstore\download_on_the_app_store_badge_es_135x40.svg svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\db\lib\derbynet.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\voicerecorderapplist.contrast-white_targetsize-16_altform-unplated.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\js\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\task-handler\js\nls\it-it\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\awards\klondike\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\outlookmailsmalltile.scale-150.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\desktop-connector-files\js\nls\ja-jp\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\home\largetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\deletedalluserpackages\microsoft.zunevideo_10.16112.11601.0_neutral_resources.scale-200_8wekyb3d8bbwe\assets\contrast-white\logo.scale-200_contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\hxmailmediumtile.scale-100.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsfeedbackhub_1.1612.10312.0_neutral_~_8wekyb3d8bbwe\appxblockmap.xml svchost.exe File opened for modification C:\program files\common files\system\ole db\sqlxmlx.rll svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themecreation\zoom_in.png svchost.exe File created C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\home\ltr\contrast-black\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-100_8wekyb3d8bbwe\assets\secondarytiles\directions\home\rtl\smalltile.scale-100.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\win8-scrollbar\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\combinepdf\js\nls\tr-tr\ui-strings.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.bingweather_4.18.56.0_x64__8wekyb3d8bbwe\assets\apptiles\weathericons\30x30\162.png svchost.exe File created C:\program files\windowsapps\microsoft.microsoft3dviewer_1.1702.21039.0_x64__8wekyb3d8bbwe\assets\images\tiles\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscalculator_10.1702.312.0_x64__8wekyb3d8bbwe\assets\calculatorapplist.targetsize-48.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\win8-scrollbar\arrow-left.gif svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\combinepdf\js\nls\zh-cn\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.rjmx.zh_cn_5.5.0.165303.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.desktopappinstaller_1.0.10252.0_x64__8wekyb3d8bbwe\assets\apppackageapplist.targetsize-60_altform-unplated.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\awards\common\jack_of_all_trades_unearned_small.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.oneconnect_2.1701.277.0_neutral_~_8wekyb3d8bbwe\appxblockmap.xml svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\alarmsapplist.contrast-black_targetsize-256.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.advertising.xaml_10.0.1605.0_x64__8wekyb3d8bbwe\microsoft.advertising\bootstrap.js svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\fues\checkmark.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\large_trefoil_2x.png svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\lib\visualvm\platform\modules\ext\jhall-2.0_05.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.people_10.1.10531.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\contrast-black\peoplewidetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-black\linkedinboxwidetile.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunemusic_10.16112.11621.0_x64__8wekyb3d8bbwe\assets\contrast-white\applist.targetsize-30_altform-unplated_contrast-white.png svchost.exe File opened for modification C:\program files\windowspowershell\modules\microsoft.powershell.operation.validation\1.0.1\test\modules\example1.diagnostics\diagnostics\simple\example1.diagnostics.tests.ps1 svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\db\bin\setnetworkclientcp svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\mainpagestate2\tripeaks_bp_920.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\2875_48x48x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\large\id_60x42.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windows.photos_16.511.8780.0_x64__8wekyb3d8bbwe\appxsignature.p7x svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\s_folder-down_32.svg svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\viewer\nls\en-gb\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\embossbitmaps\multiply_icon.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\designs\flags\small\ug_16x11.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\voicerecorderapplist.contrast-black_targetsize-16.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\tracker\info.gif svchost.exe File created C:\program files\windowsapps\microsoft.vclibs.140.00_14.0.24123.0_x86__8wekyb3d8bbwe\appxmetadata\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\jre\lib\jce.jar svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenoteapplist.targetsize-32.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\tracked-send\js\plugins\tracked-send\js\nls\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowsapps\deletedalluserpackages\microsoft.windowsmaps_5.1611.10393.0_neutral_split.scale-125_8wekyb3d8bbwe\assets\secondarytiles\directions\work\rtl\contrast-black\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\texturebitmaps\sttionry.jpg svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\snooze.contrast-white.png svchost.exe File opened for modification C:\program files (x86)\windowspowershell\modules\pester\3.4.0\en-us\about_mocking.help.txt svchost.exe File opened for modification C:\program files\common files\microsoft shared\clicktorun\clienteventlogmessages.man svchost.exe File opened for modification C:\program files\java\jdk1.8.0_66\jre\lib\calendars.properties svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\exportpdfupsell-app\images\themes\dark\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\resource\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowsapps\microsoft.microsoftstickynotes_1.4.101.0_neutral_~_8wekyb3d8bbwe\appxmetadata\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\4583_24x24x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.skypeapp_11.8.204.0_x64__kzf8qxf38zg5c\skypeapp\assets\images\moji_mask_darkmain.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsmaps_5.1611.10393.0_x64__8wekyb3d8bbwe\assets\images\printandshare\glyph_0xe7d1.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\plug_ins\multimedia\mpp\windowsmedia.mpp svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\editpdf\js\nls\fr-fr\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\images\contrast-white\hxcalendarapplist.targetsize-80.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowssoundrecorder_10.1702.301.0_x64__8wekyb3d8bbwe\assets\voicerecorderapplist.targetsize-72.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\css\main-cef-win8.css svchost.exe File opened for modification C:\program files\windowsapps\microsoft.3dbuilder_13.0.10349.0_x64__8wekyb3d8bbwe\assets\manifestassets\contrast-white\icon.targetsize-16.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.windowsalarms_10.1702.333.0_x64__8wekyb3d8bbwe\assets\dismiss.contrast-white.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.xboxapp_25.25.13009.0_x64__8wekyb3d8bbwe\assets\gamesxboxhubapplist.targetsize-64_altform-unplated_contrast-high.png svchost.exe File opened for modification C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\images\themes\dark\organize.svg svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\add-account\js\nls\nl-nl\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\arkadium.win10.dailychallenges\assets\tab\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.microsoftsolitairecollection_3.14.1181.0_x64__8wekyb3d8bbwe\assets\themes\classic\mask\13c.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.zunevideo_10.16112.11601.0_x64__8wekyb3d8bbwe\assets\contrast-white\applist.targetsize-30_contrast-white.png svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\combinepdf\js\nls\ro-ro\!!FAQ for Decryption!!.txt svchost.exe File created C:\program files (x86)\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\on-boarding\js\nls\ca-es\!!FAQ for Decryption!!.txt svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\6528_24x24x32.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.office.onenote_17.7668.58071.0_x64__8wekyb3d8bbwe\images\onenotesplashlogo.scale-125.png svchost.exe File opened for modification C:\program files\windowsapps\microsoft.vclibs.140.00_14.0.24123.0_x64__8wekyb3d8bbwe\appxmanifest.xml svchost.exe -
Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
-
Suspicious use of WriteProcessMemory 8 IoCs
description pid Process procid_target PID 3264 wrote to memory of 1824 3264 00b2679e73e28343fd153df9858bc910.exe 72 PID 3264 wrote to memory of 1824 3264 00b2679e73e28343fd153df9858bc910.exe 72 PID 3264 wrote to memory of 1824 3264 00b2679e73e28343fd153df9858bc910.exe 72 PID 3264 wrote to memory of 1824 3264 00b2679e73e28343fd153df9858bc910.exe 72 PID 3264 wrote to memory of 1824 3264 00b2679e73e28343fd153df9858bc910.exe 72 PID 3264 wrote to memory of 2100 3264 00b2679e73e28343fd153df9858bc910.exe 73 PID 3264 wrote to memory of 2100 3264 00b2679e73e28343fd153df9858bc910.exe 73 PID 3264 wrote to memory of 2100 3264 00b2679e73e28343fd153df9858bc910.exe 73 -
Suspicious use of SetThreadContext 1 IoCs
description pid Process procid_target PID 3264 set thread context of 1824 3264 00b2679e73e28343fd153df9858bc910.exe 72 -
Suspicious behavior: EnumeratesProcesses 14 IoCs
pid Process 1824 svchost.exe 1824 svchost.exe 1824 svchost.exe 1824 svchost.exe 1824 svchost.exe 1824 svchost.exe 1824 svchost.exe 1824 svchost.exe 1824 svchost.exe 1824 svchost.exe 1824 svchost.exe 1824 svchost.exe 1824 svchost.exe 1824 svchost.exe
Processes
-
C:\Users\Admin\AppData\Local\Temp\00b2679e73e28343fd153df9858bc910.exe"C:\Users\Admin\AppData\Local\Temp\00b2679e73e28343fd153df9858bc910.exe"1⤵
- Suspicious use of WriteProcessMemory
- Suspicious use of SetThreadContext
PID:3264 -
C:\Windows\SysWOW64\svchost.exeC:\Windows\System32\svchost.exe2⤵
- Drops file in Program Files directory
- Suspicious behavior: EnumeratesProcesses
PID:1824
-
-
C:\Windows\SysWOW64\cmd.exe/c del C:\Users\Admin\AppData\Local\Temp\00b2679e73e28343fd153df9858bc910.exe >> NUL2⤵PID:2100
-