Analysis
-
max time kernel
119s -
max time network
137s -
platform
windows7_x64 -
resource
win7 -
submitted
09-07-2020 17:15
Static task
static1
Behavioral task
behavioral1
Sample
403a1s0ssssd7da.exe
Resource
win7
windows7_x64
0 signatures
0 seconds
Behavioral task
behavioral2
Sample
403a1s0ssssd7da.exe
Resource
win10v200430
windows10_x64
0 signatures
0 seconds
General
-
Target
403a1s0ssssd7da.exe
-
Size
717KB
-
MD5
b7409b7d45794e78aeaeb8b8b0dcac74
-
SHA1
a800da4d4a34db9ae4435ebff81fcf7dcae808fc
-
SHA256
f9397a0438f1e3a8d03aa326dc4910482df49dd295228d9a4dda1f55247fd6e3
-
SHA512
2c5e6a560d4b3721404e99617c69c5e7f194040563167662b9269f5c6229a3257a38b6c2cddf6bc79dd7c10a7f506225c6e034fee178a8d9965a4ba222a56783
Score
10/10
Malware Config
Extracted
Path
C:\MSOCache\All Users\{90140000-0011-0000-1000-0000000FF1CE}-C\Read_Me.txt
Ransom Note
Attention!
All your files, documents, photos, databases and other important files are encrypted
The only method of recovering files is to purchase an unique decryptor. Only we can give you this decryptor and only we can recover your files.
The server with your decryptor is in a closed network TOR. You can get there by the following ways:
----------------------------------------------------------------------------------------
1. Download Tor browser - https://www.torproject.org/
2. Install Tor browser
3. Open Tor Browser
4. Open link in TOR browser: http://7rzpyw3hflwe2c7h.onion/?AAAAAAAA
5. Follow the instructions on this page
----------------------------------------------------------------------------------------
On our page you will see instructions on payment and get the opportunity to decrypt 1 file for free.
Alternate communication channel here: http://helpqvrg3cc5mvb3.onion/
URLs
http://7rzpyw3hflwe2c7h.onion/?AAAAAAAA
http://helpqvrg3cc5mvb3.onion/
Signatures
-
Suspicious use of WriteProcessMemory 10 IoCs
description pid Process procid_target PID 1156 wrote to memory of 1508 1156 403a1s0ssssd7da.exe 24 PID 1156 wrote to memory of 1508 1156 403a1s0ssssd7da.exe 24 PID 1156 wrote to memory of 1508 1156 403a1s0ssssd7da.exe 24 PID 1156 wrote to memory of 1508 1156 403a1s0ssssd7da.exe 24 PID 1156 wrote to memory of 1508 1156 403a1s0ssssd7da.exe 24 PID 1156 wrote to memory of 1508 1156 403a1s0ssssd7da.exe 24 PID 1156 wrote to memory of 1508 1156 403a1s0ssssd7da.exe 24 PID 1156 wrote to memory of 1508 1156 403a1s0ssssd7da.exe 24 PID 1156 wrote to memory of 1508 1156 403a1s0ssssd7da.exe 24 PID 1156 wrote to memory of 1508 1156 403a1s0ssssd7da.exe 24 -
Modifies Installed Components in the registry 2 TTPs 4 IoCs
description ioc Process Key created \REGISTRY\USER\S-1-5-21-1131729243-447456001-3632642222-1000\Software\Microsoft\Active Setup\Installed Components explorer.exe Key created \REGISTRY\USER\S-1-5-21-1131729243-447456001-3632642222-1000\Software\Microsoft\Active Setup\Installed Components explorer.exe Key created \REGISTRY\USER\S-1-5-21-1131729243-447456001-3632642222-1000\Software\Microsoft\Active Setup\Installed Components explorer.exe Key created \REGISTRY\USER\S-1-5-21-1131729243-447456001-3632642222-1000\Software\Microsoft\Active Setup\Installed Components explorer.exe -
Drops file in Program Files directory 12089 IoCs
description ioc Process File opened for modification C:\Program Files\Microsoft Office\Office14\mscss7cm_es.dub 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\sk\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\35.png 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\THIRDPARTYLICENSEREADME.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0297229.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14832_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR44B.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\PresentationBuildTasks.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\ext\dnsns.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Apothecary.thmx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\Sounds\People\HICCUP.WAV 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\mset7db.kic 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\VDK10.SYX 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\submission_history.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\PowerPoint.en-us\PowerPointMUI.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\PAPYRUS\PREVIEW.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\spacebackupicons.jpg 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\bg_FormsHomePageBlank.gif 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\VSTA\AppInfoDocument\Microsoft.VisualStudio.Tools.Office.AppInfoDocument\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\management-agent.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0294991.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\ahclient.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Annots.api 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\add_down.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\menu_arrow.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Library\Analysis\FUNCRES.XLAM 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Circle_SelectionSubpictureA.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_frame-highlight.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\dblook 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\icons\diagnostic-command-16.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.help.webapp.nl_zh_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-swing-outline.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE00633_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Web Server Extensions\14\BIN\FPSRVUTL.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\next_down.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18236_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD21322_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR43B.GIF 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\fur\LC_MESSAGES\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\images\dial_lrg_sml.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\tipresx.dll.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\SIGNL.ICO 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FORM.ICO 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libhds_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Mail\en-US\msoeres.dll.mui 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\ja-JP\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\rtscom.dll.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\whiteband.png 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Madrid 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099179.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\NotifierDownArrow.jpg 403a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\en.ttt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\pa-in.txt 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Services\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\SONORA\SONORA.ELM 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\META-INF\ECLIPSE_.RSA 403a1s0ssssd7da.exe File created C:\Program Files\Windows Photo Viewer\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_gray_thunderstorm.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\PFM\SY______.PFM 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\AddInSideAdapters\Microsoft.VisualStudio.Tools.Office.Word.AddInAdapter.v9.0.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\icon.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Internet Explorer\DiagnosticsTap.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00183_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libflacsys_plugin.dll 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\ink\HWRCustomization\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\ROMAN.TXT 403a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\uz.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-settings_zh_CN.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152704.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00223_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0222021.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18181_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\SELFCERT.EXE 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\graph_up.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\trad_s.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\org-netbeans-modules-print.xml_hidden 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0101864.BMP 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\jp2native.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0241077.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10255_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\js\RSSFeeds.js 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\handsafe.reg 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\msaddsr.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACEODBC.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-options_ja.jar 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\SoftBlue\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\LABELHM.POC 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\api-ms-win-crt-time-l1-1-0.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Analysis Services\AS OLEDB\10\Cartridges\msjet.xsl 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Bibliography\Sort\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Stationery\1033\JUDGESCH.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Icons\PDXFile_8.ico 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libmotiondetect_plugin.dll 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\en-US\css\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02262_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libsimple_channel_mixer_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_output\libcaca_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\tr.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\CAPSULES\PREVIEW.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Notes_loop.wmv 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105390.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\en-US\gadget.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\HostSideAdapters\Microsoft.VisualStudio.Tools.Office.HostAdapter.v10.0.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Defender\MpAsDesc.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CONVERT\1033\PABR.SAM 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\ProjectStatusReport.potx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_output\libwingdi_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\zh-tw.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.help_2.0.102.v20141007-2301\license.html 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BS00438_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\EN00202_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\WINWORD.DEV_COL.HXT 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\AddInViews\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\icon.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\CRANE.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD01548_.WMF 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\BrightYellow\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\SpringGreen.css 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\VBA\VBA6\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\policytool.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN04195_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105386.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\fur.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\oskpred\oskpredbase.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Atikokan 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\com.jrockit.mc.rjmx.syntheticnotification.exsd 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-options-api.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107042.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\js\common.js 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\item_hover_floating.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\PresentationFramework.Luna.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\SAVE.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\InfoPathOM\InfoPathOMV12\Microsoft.Office.InfoPath.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\MENU.DPV 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\sr\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Journal\Templates\Shorthand.jtp 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Journal\Templates\blank.jtp 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\bn.pak 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\Ole DB\oledb32.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Yekaterinburg 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.touchpoint.natives.nl_zh_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jface.nl_zh_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\UIAutomationTypes.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\title_trans_scene.wmv 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-compat.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\diner_dot.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\button_left_mousedown.png 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\META-INF\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Kuala_Lumpur 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\EST5EDT 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-attach_zh_CN.jar 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\MEDIA\OFFICE14\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\CMNTY_01.MID 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Montreal 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-javahelp.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-favorites.jar 403a1s0ssssd7da.exe File created C:\Program Files\Java\jre7\lib\applet\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Cayman 403a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\sa.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Nipigon 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ENVELOPE.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\AlertImage_FileHigh.jpg 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\ADD.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows NT\Accessories\wordpad.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\msdaurl.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\javac.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.batik.util_1.7.0.v201011041433.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.update.configurator.nl_zh_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\decora-sse.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\ED00010_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\Network Sharing\wmpnss_color32.bmp 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_right_rest.png 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\en-US\css\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files\Java\jre7\lib\zi\America\Indiana\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE02287_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CONVERT\OLAPPT.FAE 403a1s0ssssd7da.exe File opened for modification C:\Program Files\SaveRevoke.ex_ 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\uninstall.log 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\wmpnetwk.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\en-US\mshwLatin.dll.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files\EnterResize.M2T 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-host-remote.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099154.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Swirl\tab_on.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\BrightYellow\HEADER.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PROTTPLV.DOC 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR38F.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\images\dial_lrg.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\boxed-split.avi 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-openide-dialogs.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN04384_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152626.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00943_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBBA\MSPUB4.BDR 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\GIFT.DPV 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\nb\LC_MESSAGES\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\EQUATION\EQNEDT32.EXE 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\prism-d3d.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Port_Moresby 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.touchpoint.natives_1.1.100.v20140523-0116.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Vladivostok 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\Network Sharing\ContentDirectory.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\Cordoba 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-oql_zh_CN.jar 403a1s0ssssd7da.exe File created C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\PersonalMonthlyBudget.xltx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\ext\sunec.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\GrayCheck\TAB_OFF.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\TOC98.POC 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\d3dcompiler_47.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.swt.nl_zh_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\fi\LC_MESSAGES\vlc.mo 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\update_tracking\org-netbeans-lib-profiler-ui.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\EET 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01630_.WMF 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\content-background.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\sysinfo 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.ui.ja_5.5.0.165303.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\org-netbeans-modules-profiler-api.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0212701.WMF 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\nn\LC_MESSAGES\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ug\LC_MESSAGES\vlc.mo 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\ReachFramework.dll 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Internet Explorer\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02748U.BMP 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01292_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Biscay\TAB_OFF.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR29F.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\oisctrl.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\curtains.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Austin.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18187_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18225_.WMF 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\an\LC_MESSAGES\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Slate.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\QuickStyles\Distinctive.dotx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\IPML.ICO 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\MSInfo\en-US\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Antarctica\Rothera 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.metadata.nl_ja_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Urumqi 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\EN00397_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libkate_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\msdaer.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsTemplates\Hiring Requisition.fdt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\DAO\dao360.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\SKY\PREVIEW.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\Title_mainImage-mask.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.help_2.0.102.v20141007-2301\META-INF\MANIFEST.MF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0185780.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\rtf_choosefont.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE02369_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO01805_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\js\controllers.js 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Yakutat 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0294989.WMF 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\bn_IN\LC_MESSAGES\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\zu\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\144DPI\(144DPI)alertIcon.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0300862.WMF 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\Certificates\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\ExecutiveNewsletter.dotx 403a1s0ssssd7da.exe File created C:\Program Files\Windows Mail\en-US\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\hint_up.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waning-gibbous_partly-cloudy.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\PipeTran.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_ja_4.4.0.v20140623020002\license.html 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\macTSFrame.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0212685.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0287005.WMF 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows NT\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Internet Explorer\en-US\ieinstal.exe.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\cronometer_settings.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Guadalcanal 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AG00052_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0341636.JPG 403a1s0ssssd7da.exe File created C:\Program Files\Mozilla Firefox\defaults\pref\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\dialogs\stream_window.html 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0172067.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0174315.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0304371.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\idlj.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\plugin2\npjp2.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\images\cursors\win32_CopyDrop32x32.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Santarem 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.engine\profileRegistry\JMC.profile\1423861258748.profile.gz 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18245_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\bPrev-hot.png 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins3d\prcr.x3d 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\graph_over.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\EXP_PDF.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Omsk 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\OutofSyncIconImagesMask.bmp 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGMN020.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\14.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ps\LC_MESSAGES\vlc.mo 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\Passport.wmv 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\artifacts.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Waveform.thmx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolIcons\ModifiedTelespace.ico 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PEOPLEDATAHANDLER.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libugly_resampler_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\win\CP1251.TXT 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.help.webapp.nl_ja_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0382965.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\ACTIVITY.CFG 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\am\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\bg\LC_MESSAGES\vlc.mo 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipsptb.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DenyRegister.rtf 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.win32.win32.x86_64_1.1.200.v20141007-2033\META-INF\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\mk\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\css\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Solutions_Doc.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\CommsOutgoingImageMaskSmall.bmp 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\EMAIL11.POC 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\jsound.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Antarctica\Palmer 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Fiji 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Bangkok 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0240189.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\et\LC_MESSAGES\vlc.mo 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\icon.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0250997.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0341344.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\bg_Groove.gif 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\ENES\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\applet\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Riyadh88 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT+9 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105376.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR27F.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Microsoft.Office.InfoPath.FormControl.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ms\LC_MESSAGES\vlc.mo 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\spu\libmarq_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\flower_dot.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Antarctica\Palmer 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Apia 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Angles.eftx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGCAL.DPV 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_box_divider_right.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\SpecialNavigationRight_ButtonGraphic.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.forms.nl_ja_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File created C:\Program Files\Java\jre7\lib\zi\Indian\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libmpc_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\js\settings.js 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.Entity.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft.NET\RedistList\AssemblyList_4_client.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.widgets.nl_ja_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH02298_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099162.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0198226.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGBOXES.DPV 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\rtf_alignleft.gif 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\vi\LC_MESSAGES\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ga\LC_MESSAGES\vlc.mo 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\HLS.api 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\hr.pak 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\NavigationUp_SelectionSubpicture.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-options-api.xml 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\1033\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OSPP.VBS 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Templates\1033\Access\WSS\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\4.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\XLSLICER.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\intf\modules\httprequests.luac 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.IO.Log.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\NavigationLeft_SelectionSubpicture.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\cmm\PYCC.pf 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02738U.BMP 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18204_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\10.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libudp_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\EquityReport.Dotx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0187847.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02276_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Austin.xml 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\Calendar\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\XIMAGE3B.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsDoNotTrust.html 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.COM.AU.XML 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\ug\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\NavigationUp_SelectionSubpicture.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\verify.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-options.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-coredump.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-tools.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\api-ms-win-crt-conio-l1-1-0.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\16-on-black.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\chrome.VisualElementsManifest.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0241041.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD21527_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ckb\LC_MESSAGES\vlc.mo 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\reviews_sent.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-charts.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO01063_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0183168.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\VeriSignLogo.jpg 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_hail.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\servertool.exe 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\LanguageNames2\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Mail\oeimport.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VBA\VBA7\1033\VBHW6.CHM 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Riyadh87 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0153305.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME32.CSS 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\BRCH98SP.POC 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGNAVBAR.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\minidump-analyzer.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.DynamicData.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME03.CSS 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR50F.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\MessageHistoryIconImagesMask.bmp 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Sofia 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\ext\locale\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Thule 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE05710_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21435_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libaccess_mms_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\gstreamer-lite.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00466_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18192_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\graph_over.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\en-US\enu-dsk\M1033DSK.CSD 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\THEMES.INF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\OMSMMS.CFG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\ucrtbase.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\drag.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_image-frame-ImageMask.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14983_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OFFXML.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_gray_hail.png 403a1s0ssssd7da.exe File created C:\Program Files\Reference Assemblies\Microsoft\Framework\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Javascripts\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_right_hover.png 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\InfoPath.en-us\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.help_2.0.102.v20141007-2301\META-INF\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0382947.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\TR00402_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\SIGNHM.POC 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Smart Tag\METCONV.TXT 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\NextMenuButtonIconSubpictur.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGMN089.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\api-ms-win-crt-utility-l1-1-0.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\playlist\vocaroo.luac 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\nl-NL\tipresx.dll.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\SystemV\AST4 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE01661_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14529_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\STORYVERTBB.DPV 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\en-US\gadget.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\VisualElements\SmallLogo.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\tnameserv.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-masterfs.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\RADIO.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MSRTEDIT.DLL 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\fur\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\IPSEventLogMsg.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\16_9-frame-background.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\icons\day-of-week-16.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0075478.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Riyadh87 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Africa\Lagos 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0200279.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02444_.WMF 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\HWRCustomization\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-api-progress.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-modules-appui.jar 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\lg\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\mn\LC_MESSAGES\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\pe.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsMainToNotesBackground_PAL.wmv 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Guyana 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\CLIP.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00391_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Hardcover.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ecf.ssl_1.1.0.v20140827-1444.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveDocumentReview\BodyPaneBackground.jpg 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\AddInSideAdapters\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\java-rmi.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-coredump.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\fontconfig.properties.src 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\AlertImage_FileOffMask.bmp 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-print.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD00814_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe Root Certificate.cer 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\PresentationFramework.Classic.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\keypad.xml 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\System\Ole DB\en-US\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_plain_Thumbnail.bmp 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-profiling_zh_CN.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0297269.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FORM.ICO 403a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\1px.gif 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\osknumpad\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSSOAP30.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\rmiregistry.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.win32.win32.x86_64.nl_zh_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\BrightYellow\TAB_OFF.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe AIR\sentinel 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\FormsMacroTemplate.html 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.Entity.Design.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\trad_dot.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_fr.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\license.html 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4-dark.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099150.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0252629.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.css.swt.nl_ja_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\IN00346_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0382959.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\libvlc.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libaccess_imem_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft SQL Server Compact Edition\v3.5\sqlceqp35.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\bn.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Rome 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Bibliography\Sort\YEAR.XSL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ONENOTEIRM.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\UrbanReport.Dotx 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Slate\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21298_.GIF 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Bougainville 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL048.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\css\settings.css 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\zh_CN\LC_MESSAGES\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\org-netbeans-api-visual.xml_hidden 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18215_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21331_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OneNote\SendToOneNote.ini 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\ONENOTE\14\Stationery\BUSINESS.ONE 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libedummy_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\NAME.DLL 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR3F.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\WZCNFLCT.CHM 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGACCBAR.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Portal\PortalConnectCore.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-waning-gibbous.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Teal.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Pipeline.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Heart_SelectionSubpicture.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_zh_4.4.0.v20140623020002\license.html 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-javahelp.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107526.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\hint_down.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-applemenu.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE02293_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\BORDERS\MSART14.BDR 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\bg_OliveGreen.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL108.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_dirac_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_is.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0150150.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0198025.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Americana\TAB_OFF.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\SCHDRESN.CFG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGCHKBRD.DPV 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Hovd 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH01255G.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.Entity.Design.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\SpecialNavigationLeft_SelectionSubpicture.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.core.nl_zh_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.repository.nl_zh_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\el\LC_MESSAGES\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Help\1031\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\pl\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BD19988_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\TN00687_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\OutlineToolIconImagesMask.bmp 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MEDIA\APPLAUSE.WAV 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGTOC.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\NEWSHM.POC 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-last-quarter_partly-cloudy.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\settings.ini 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Full\NavigationLeft_SelectionSubpicture.png 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.rcp.ja_5.5.0.165303\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-keyring-fallback.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD14844_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\mset7.dll 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\RIPPLE\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Apothecary.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\INFOPATH_K_COL.HXK 403a1s0ssssd7da.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\asl-v20.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_divider.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_divider_right.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\button_MCELogo_mouseover.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\reflect.png 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.console_5.5.0.165303\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-output2_ja.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Martinique 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGWEBCAL.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Belgrade 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FLAP.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0286034.WMF 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Sync Framework\v1.0\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN01060_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105410.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE03241_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\Ole DB\en-US\sqloledb.rll.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Internet Explorer\pdm.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\GMT 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.operations.nl_zh_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Uzhgorod 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTO\vstoee.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\23.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\J0143750.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Teal.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PSTPRX32.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\QP.XML 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\ms\LC_MESSAGES\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins3d\drvSOFT.x3d 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\org-openide-modules.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-tools.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152590.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormToolImages.jpg 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Defender\MsMpCom.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\jquery-ui-1.8.13.custom.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libwav_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_search_down.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Internet Explorer\jsdbgui.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jps.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\gtkTSFrame.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE06450_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\te\LC_MESSAGES\vlc.mo 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-spi-actions_ja.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00806_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\BORDERS\MSART4.BDR 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\kn\LC_MESSAGES\vlc.mo 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\MSTTSEngine.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-full.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.reconciler.dropins.nl_ja_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR6F.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\DataType\Payment Type.accft 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\mn\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\wmprph.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\Form_StatusImage.jpg 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\button_right.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\40.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office.en-us\BRANDING.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0172193.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00330_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\OUTLLIBR.DLL.IDX_DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\WINWORD.DEV.HXS 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\BAN98.POC 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\liba52_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\Notes_btn-back-static.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Antarctica\Troll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107516.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\utilityfunctions.js 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MSOHEVI.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01158_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\INFOPATHEDITOR_F_COL.HXK 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGMN096.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\AFTRNOON\AFTRNOON.ELM 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_btn-previous-static.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-lib-uihandler_ja.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-spi-actions.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\unpack200.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\UseLock.pcx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\NavigationRight_SelectionSubpicture.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Africa\Cairo 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT+11 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD21318_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\server_ok.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\cronometer_s.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\WATER\WATER.INF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\NavigationRight_SelectionSubpicture.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\images\cursors\invalid32x32.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Solutions\Response.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Bibliography\Sort\TAG.XSL 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Document Themes 14\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\en-US\WMPDMCCore.dll.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Stars.htm 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_da.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\reveal_hov.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Indiana\Indianapolis 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\META-INF\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.core\cache\binary\org.eclipse.rcp_root_4.4.0.v20141007-2301 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0216874.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0229389.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.rcp_4.3.100.v20141007-2301.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\lv\LC_MESSAGES\vlc.mo 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\ENU\Vdk10.rst 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\SKY\SKY.INF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\cmm\sRGB.pf 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0103262.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\CT_ROOTS.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\WCOMP98.POC 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Fakaofo 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\org-openide-compat.xml_hidden 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD00449_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libaiff_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\5.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\en-US\js\currency.js 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\org-netbeans-modules-options-keymap.xml_hidden 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BS01080_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SHOW_01.MID 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CONVERT\1033\LOCALDV.DLL 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\zh_CN\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\ShadesOfBlue.jpg 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\Services\verisign.bmp 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\hwrenalm.dat 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.win32.win32.x86_64_1.1.200.v20141007-2033\eclipse_1665.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Manaus 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Tongatapu 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libvpx_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\AD.DPV 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\WebKit.dll 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Analysis Services\AS OLEDB\10\Cartridges\Informix.xsl 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH00260_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\WB02218_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MEDIA\WIND.WAV 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jetty.security_8.1.14.v20131031.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Web Server Extensions\14\BIN\FPWEC.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft.NET\Primary Interop Assemblies\msdatasrc.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\rssBackBlue_Undocked.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\Ole DB\msdaosp.dll 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\icons\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Thimphu 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CONVERT\ACT3.SAM 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libwebvtt_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105388.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\pingsender.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\images\vlc-48.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Smart Tag\LISTS\1033\STOCKS.DAT 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\circleround_glass.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Internet Explorer\Timeline.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.event_1.3.100.v20140115-1647.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-core-io-ui.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_double.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.en_GB.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT+12 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\kk\LC_MESSAGES\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libdolby_surround_decoder_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\en-US\js\cpu.js 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\InkObj.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libyuy2_i420_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\pause_down.png 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\System\MSMAPI\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VC\msdia90.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\North_Dakota\Center 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PARNT_10.MID 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ecf_3.4.0.v20140827-1444.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00265_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\Sounds\Things\SHOT.WAV 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\en-US\currency.html 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.ComponentModel.DataAnnotations.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15058_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\item_hover_floating.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\BREEZE\BREEZE.ELM 403a1s0ssssd7da.exe File created C:\Program Files\Internet Explorer\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\feature.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx.zh_CN_5.5.0.165303.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AG00038_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\tile_drop_shadow.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00834_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\button_right.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsHomePageScript.js 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_splitter\libclone_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\msadce.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\instrument.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Ndjamena 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-icons_ffffff_256x240.png 403a1s0ssssd7da.exe File created C:\Program Files\Windows NT\Accessories\en-US\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\wmpnssci.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0187859.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH01235U.BMP 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libdmo_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\mux\libmux_avi_plugin.dll 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\META-INF\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.update.configurator.nl_ja_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Media Player\Network Sharing\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_search_down_BIDI.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\BrightOrange\background.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\square_settings.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Pangnirtung 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN01251_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107350.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\TN00217_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18254_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\management\management.properties 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0341499.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14754_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.CO.UK.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01176_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\handler.reg 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-waxing-crescent_partly-cloudy.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\NavigationRight_SelectionSubpicture.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ui.sdk.nl_zh_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Yekaterinburg 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02756U.BMP 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\IDTemplates\ENU\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PROOF\MSHY7FR.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\css\slideShow.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.swt.nl_ja_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-lib-uihandler_zh_CN.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\.lastModified 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\update_tracking\org-netbeans-lib-profiler-common.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Gibraltar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\ONENOTE\14\Stationery\DESIGNER.ONE 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\{AC76BA86-7AD7-1033-7B44-A90000000001}\AcroRead.msi 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\ado\msado25.tlb 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ecf.provider.filetransfer.httpclient4.ssl_1.0.0.v20140827-1444.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-core-windows.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PARNT_02.MID 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Templates\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.win32.win32.x86_64_1.1.200.v20141007-2033\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\bg_OliveGreen.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\librawaud_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_chromecast_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR18F.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR23F.GIF 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\QUAD\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\WATERMAR\WATERMAR.INF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Cayman 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE00478_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18191_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libvc1_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\combo-hover-right.png 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\Source Engine\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\css\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4_default_mru_on_win7.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-core-kit.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OLMAPI32.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\rtf_choosecolor.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\JOURNAL\JOURNAL.INF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\plugin.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\ModuleAutoDeps\org-openide-text.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0145707.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02450_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\33.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Antarctica\Casey 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Baku 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH00601_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\text_renderer\libfreetype_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Photo Viewer\PhotoBase.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\SLATE\SLATE.INF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\glib-lite.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Rio_Branco 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0198372.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PROOF\MSGR3FR.LEX 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins3d\2d.x3d 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\PROOF\MSWDS_ES.LEX 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\security\cacerts 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FALL_01.MID 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\POWERPNT.DEV_K_COL.HXK 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Americana\TAB_ON.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME14.CSS 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\bg_TexturedBlue.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGMN075.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Smart Tag\FSTOCK.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Internet Explorer\iedvtool.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BS00200_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0093905.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0188519.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libaudiobargraph_a_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe\Help\en_US\Adobe Reader\9.0\helpmap.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\STSCOPY.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_double.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-nodes_ja.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18211_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD10308_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME34.CSS 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\mux\libmux_asf_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\1041\hxdsui.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\fy.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.alert.zh_CN_5.5.0.165303.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL104.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft SQL Server Compact Edition\v3.5\sqlceer35EN.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Printing.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Ojinaga 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\IN00204_.WMF 403a1s0ssssd7da.exe File created C:\Program Files\Mozilla Firefox\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroBroker.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\bPrev.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0285822.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE00578_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Executive.thmx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\J0115840.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\SpringGreen\TAB_OFF.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libau_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\notification_helper.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Media Player\setup_wm.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Guatemala 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-compat_ja.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SAFRI_01.MID 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\Microsoft.Build.Engine.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\ProjectTool\Project Report Type\Fancy\SPACER.GIF 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\as_IN\LC_MESSAGES\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\plugins\mux\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0216570.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0287020.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0309705.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14582_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ADDINS\ColleagueImport.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\icon.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\en-US\css\settings.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\modern_settings.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\button-highlight.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\api-ms-win-core-file-l1-2-0.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\lua\liblua_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Lime\TAB_ON.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\RedistList\FrameworkList.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.ibm.icu_52.1.0.v201404241930.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_stats_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\combo-hover-right.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\search_background.png 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\Smart Tag\1033\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Garden.jpg 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD00255_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\bg_VelvetRose.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\is\LC_MESSAGES\vlc.mo 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\19.png 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\core\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-heapdump.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\wmlaunch.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\en-US\weather.html 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Help\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\rt3d.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Pangnirtung 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Oslo 403a1s0ssssd7da.exe File created C:\Program Files\Java\jre7\lib\amd64\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSPUB.DEV_F_COL.HXK 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\play_down.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Uzhgorod 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE00723_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02754U.BMP 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0205466.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO01563_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Grid.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\Sounds\Places\WARN.WAV 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\SKY\SKY.ELM 403a1s0ssssd7da.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\PST8PDT 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Ust-Nera 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\AlertImage_Off.jpg 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\mobile.html 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\144DPI\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Microsoft.Office.BusinessApplications.Runtime.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\Microsoft.Build.Framework.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\intf\http.luac 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\RICEPAPR\RICEPAPR.INF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0341328.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Metro.thmx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR44F.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\SystemV\EST5EDT 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\nl\LC_MESSAGES\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libmkv_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\CalendarToolIconImages.jpg 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\deploy\messages_ja.properties 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Argentina\Cordoba 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107302.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0281630.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0309902.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\EnableRead.jpeg 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\base-undocked-2.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\CGMIMP32.CFG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1033\MSOINTL.REST.IDX_DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\REFINED\REFINED.INF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\msadc\msdaprsr.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Push\NavigationUp_SelectionSubpicture.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\BCSStr32.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGWEBPQT.DPV 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\Sales Pipeline.accdt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.director.app_1.0.300.v20140228-1829.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-options-api_ja.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Port-au-Prince 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\TN01308_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME08.CSS 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\9.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\Tasks.accdt 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\ko\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\nb\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\120DPI\(120DPI)grayStateIcon.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_snow.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\BrightYellow\HEADER.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\IPEDITOR.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\PRODIGY.NET.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Qyzylorda 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.core.feature_1.3.0.v20140523-0116\epl-v10.html 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-util-enumerations_zh_CN.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107258.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00390_.WMF 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Synchronization Services\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\dark\e4-dark_partstyle.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE03466_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Slipstream.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\SMSL.ICO 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\keypad\kor-kor.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\NavigationLeft_SelectionSubpicture.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\modern_m.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\38.png 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\ENU\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\pause_hov.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-templates.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\excel.exe.manifest 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Stationery\1033\TECHTOOL.GIF 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\my\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft SQL Server Compact Edition\v3.5\sqlceme35.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\SoftBlue.jpg 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0199483.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libnoseek_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Dotted_Lines.emf 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.app_1.3.200.v20130910-1609.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\UrbanPhotoAlbum.potx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02384_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\WWINTL.REST.IDX_DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\bg_Country.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\QUIKPUBS.POC 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18205_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR3B.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\1047x576black.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_pt_BR.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\gstreamer-lite.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107750.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0285808.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\msadc\msadco.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\setNetworkServerCP.bat 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\pt_PT\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\flower_settings.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\info.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Singapore 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\STSUPLD.INTL.DLL 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\sr-Latn-CS\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\ext\meta-index 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.commands.nl_ja_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\ESEN\WT61ES.LEX 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\mc.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152600.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGMN026.XML 403a1s0ssssd7da.exe File created C:\Program Files\Uninstall Information\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\FLYER.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libgradient_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\penusa.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_babypink_Thumbnail.bmp 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.e4.rcp_1.3.100.v20141007-2033\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.swt_0.12.100.v20140530-1436.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CONVERT\1033\ACT3R.SAM 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\RSSITEMS.ICO 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Luxembourg 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSPUB.DEV_COL.HXC 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\wa\LC_MESSAGES\vlc.mo 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\1.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0215709.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10302_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\BabyBlue\BUTTON.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_zh_TW.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-4 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\deploy\messages_de.properties 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BS00443_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0187883.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_blue_partly-cloudy.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\SEARCH.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\attention.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\AXIS\THMBNAIL.PNG 403a1s0ssssd7da.exe File created C:\Program Files\Java\jre7\lib\zi\Africa\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-host.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21503_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\OUTLOOK.DEV_F_COL.HXK 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18237_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\ClassicPhotoAlbum.potx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_close_down.png 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\DESIGNER\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\ext\sunmscapi.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01157_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105288.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0293570.WMF 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\btn-next-static.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.common_3.6.200.v20130402-1505.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsFormTemplate.html 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\browser\VisualElements\VisualElements_150.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD14801_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PROOF\MSHY7FR.LEX 403a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\bg.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\pkeyconfig-office.xrm-ms 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\LICENSE 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\epl-v10.html 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\ZoneInfoMappings 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0198712.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02040U.BMP 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02071U.BMP 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\LAYERS\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\msadc\adcjavas.inc 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\4to3Squareframe_VideoInset.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Perf_Scenes_Subpicture1.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\images\cursors\win32_LinkNoDrop32x32.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSACCESS_K_COL.HXK 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR16F.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\images\buttons.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\modern_s.png 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\Filters\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT-10 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD02161_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\control\libnetsync_plugin.dll 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Help\1041\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0175428.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0387578.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL081.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\ECHO\ECHO.INF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\jp2native.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Santa_Isabel 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-actions_ja.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-sampler_zh_CN.jar 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\en-US\js\settings.js 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\BLENDS\BLENDS.ELM 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\.lastModified 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH00780U.BMP 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\drag.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\OptimizeFormat.mht 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_gray_snow.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME31.CSS 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\BCSLaunch.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\CERT.XML 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Synchronization Services\ADO.NET\v1.0\Microsoft.Synchronization.Data.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02066_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GR8GALRY.GRA 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-icons_ef8c08_256x240.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VBA\VBA6\VBE6EXT.OLB 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\Network Sharing\wmpnss_bw120.jpg 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_blue_snow.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\AppInfoDocument\AddIns.store 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\TextConv\MSCONV97.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\libxslt.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0239935.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\mset7tkjp.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\UrbanLetter.Dotx 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_sl.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_sw.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\VVIEWER.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derbytools.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.touchpoint.eclipse_2.1.200.v20140512-1650.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Kwajalein 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0382931.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\REPORTS.ICO 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench3_0.12.0.v20140227-2118.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PROOF\MSTH7EN.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Defender\en-US\MpAsDesc.dll.mui 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Media Player\Icons\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\IACOM2.DLL 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\System\en-US\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\SystemV\PST8 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02028K.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-bg_diagonals-thick_20_666666_40x40.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOICONS.EXE 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\dark\e4-dark_globalstyle.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\firefox.VisualElementsManifest.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libvobsub_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\en-US\wmpnssui.dll.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\css\main.css 403a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\en-US\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.renderers.swt_0.12.1.v20140903-1023.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT-7 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00194_.WMF 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\XML Files\Space Templates\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\BrightYellow.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsScenesBackground_PAL.wmv 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.engine.nl_ja_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02227_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\ACCDDSUI.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\jfxrt.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21342_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\rtf_alignright.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\zh-cn.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\CASCADE\CASCADE.INF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\en-US\WMM2CLIP.dll.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-swing-outline_ja.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-spi-quicksearch_zh_CN.jar 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\mr\LC_MESSAGES\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_splitter\libwall_plugin.dll 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\AppConfigInternal.zip 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-ui_ja.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Cuiaba 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Grand_Turk 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\OUTLOOK_F_COL.HXK 403a1s0ssssd7da.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Scenes_INTRO_BG_PAL.wmv 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT-13 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\Part\List.accdt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\divider-horizontal.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\BabyBlue\TAB_OFF.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolIcons\ContactSelector.ico 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\msadc\msdarem.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14515_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21534_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\BabyBlue\HEADER.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR44F.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Media Player\wmplayer.exe 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\he-IL\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Menominee 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\ACCSBAR.POC 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\COPYING.txt 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\ink\1.0\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\BabyBlue\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\Marketing Projects.accdt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_corner_bottom_left.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Bears.jpg 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\NavigationRight_ButtonGraphic.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.text.nl_ja_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\org-netbeans-modules-profiler-selector-ui.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\jpeg.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\FONTSCHM.INI 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\jfxmedia.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Anadyr 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0239079.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0292248.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02435_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-lib-uihandler.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Australia\Perth 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107458.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\EXSEC32.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\spacebackupiconsmask.bmp 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Journal\NBDoc.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\olh001.htm 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Auckland 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107490.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE02262_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\LATIN1.SHP 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\DATE.JPG 403a1s0ssssd7da.exe File created C:\Program Files\MSBuild\Microsoft\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libgain_plugin.dll 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\Smart Tag\LISTS\1033\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Pontianak 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0382944.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00532_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\OWSHLP10.CHM 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\playlist\soundcloud.luac 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\en-US\gadget.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.bindings_0.10.200.v20140424-2042.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\libxml2.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107456.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0215076.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\TN00253_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_gray_hail.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ONLNTCOMLIB.DLL 403a1s0ssssd7da.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-lib-profiler_zh_CN.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099198.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\QuickStyles\Simple.dotx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\MMSS.ICO 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\trad_dot.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Cayenne 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN01218_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PARNT_03.MID 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\EMAIL.DPV 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\6.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Net.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\White_Chocolate.jpg 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Kwajalein 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.mbeanbrowser_5.5.0.165303.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR12F.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.CA.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\ADRESPEL.POC 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\plugins\lua\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Detroit 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-settings.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler_ja.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0200189.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\CollectSignatures_Init.xsn 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0153095.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE03236_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\it\LC_MESSAGES\vlc.mo 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Ojinaga 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Rangoon 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.ui.zh_CN_5.5.0.165303.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-openide-explorer.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\ext\updater.jar 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\te\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\WMPDMC.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\content-background.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.common_2.10.1.v20140901-1043\META-INF\eclipse.inf 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-windows_ja.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD15073_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OEMPRINT.CAT 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD14538_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OFFOWC.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ru\LC_MESSAGES\vlc.mo 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Icons\SecStoreFile.ico 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Microsoft Analysis Services\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.filesystem_1.4.100.v20140514-1614.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-lib-uihandler.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH00681_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\swiftshader\libGLESv2.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.repository_2.3.0.v20131211-1531.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-api-annotations-common.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-keyring-impl.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AG00163_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00177_.WMF 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\1033\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\VSTA\AppInfoDocument\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\SoftBlue.jpg 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\msadc\msadcer.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.docs.zh_CN_5.5.0.165303.jar 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01586_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00289_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\CUP.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PSRCHKEY.DAT 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\pmd.cer 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\EQUATION\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\sv-SE\tipresx.dll.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\NavigationUp_ButtonGraphic.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Internet Explorer\D3DCompiler_47.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\EST5EDT 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\META-INF\MANIFEST.MF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.help.ui_4.0.100.v20140401-0608.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00299_.WMF 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\plugins\video_filter\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\kn\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\lua\sd\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\47.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Yellowknife 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AG00157_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH00513_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152898.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MSWORD.OLB 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_fil.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\ResourceInternal.zip 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_cycle_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\7zCon.sfx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Monet.jpg 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\QUAD\THMBNAIL.PNG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SWEST_01.MID 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Metro.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18232_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\J0115875.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\cy\LC_MESSAGES\vlc.mo 403a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\vi.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\NavigationRight_SelectionSubpicture.png 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Kentucky\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.help_2.0.102.v20141007-2301\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099169.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\mux\libmux_ogg_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\search_background.png 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\mk\LC_MESSAGES\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\title_stripe.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Honolulu 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\SpringGreen\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\IMPMAIL.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\msvcr100.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0293844.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\drag.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\PROFILE\PROFILE.ELM 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\SONORA\THMBNAIL.PNG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Mail\oeimport.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\GreenBubbles.jpg 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\Panel_Mask.wmv 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx.ui.ja_5.5.0.165303.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-text.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0089945.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\SpringGreen\TAB_OFF.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\LEVEL\PREVIEW.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Couture.xml 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\flyoutBack.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Los_Angeles 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Antarctica\Syowa 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\RESENDL.ICO 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.PL.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\RICHED20.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\AddToViewArrow.jpg 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libchorus_flanger_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libmod_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\2.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\NPSWF32.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\com.jrockit.mc.rjmx.syntheticattribute.exsd 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107344.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WING2.WMF 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\BabyBlue\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\PFM\zy______.pfm 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Media Player\WMPDMCCore.dll 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\FRAR\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.engine\.settings\org.eclipse.equinox.p2.metadata.repository.prefs 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN04191_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0172035.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_sk.dll 403a1s0ssssd7da.exe File created C:\Program Files\Java\jre7\bin\dtplugin\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-util-lookup.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0145879.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\EquityMergeFax.Dotx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT+10 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\nl\LC_MESSAGES\vlc.mo 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_gray_thunderstorm.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BD09194_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\vi\LC_MESSAGES\vlc.mo 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-masterfs-nio2.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0227558.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\api-ms-win-core-synch-l1-2-0.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\modern_dot.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipsplk.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0233018.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libttml_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\19.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\41.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\firefox.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows NT\Accessories\WordpadFilter.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\RIPPLE\THMBNAIL.PNG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\NavigationUp_ButtonGraphic.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-explorer.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE03470_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsTemplates\Track Issues.fdt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\cronometer_m.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\msadds.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Solstice.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME39.CSS 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\XLINTL32.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\BORDERS\MSART9.BDR 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\RTF_BOLD.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00157_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02578_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\EMABLT32.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Indiana\Petersburg 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\STUBBY1.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Library\Analysis\ANALYS32.XLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\flyout.html 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\flower_dot.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\BLENDS\BLENDS.INF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-uisupport.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\intf\dummy.luac 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15132_.GIF 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\HostSideAdapters\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.Abstractions.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\1047x576black.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_btn-next-static.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.ecore_2.10.1.v20140901-1043\feature.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGLOGO.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\ViewerPS.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099172.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PRRTINST.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WHIRL2.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\7z.sfx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Roses.htm 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\NavigationRight_SelectionSubpicture.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Ceuta 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Indian\Mauritius 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveDocumentReview\InactiveTabImageMask.bmp 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\BabyBlue\HEADER.GIF 403a1s0ssssd7da.exe File created C:\Program Files\Windows Photo Viewer\en-US\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSO.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Internet Explorer\en-US\iexplore.exe.mui 403a1s0ssssd7da.exe File created C:\Program Files\7-Zip\Lang\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\ast.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0215210.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\WINWORD.DEV_F_COL.HXK 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\LAUNCH.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR8F.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\DataViewIconImages.jpg 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\TEXTAREA.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\REFINED\THMBNAIL.PNG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\images\cursors\win32_LinkNoDrop32x32.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.frameworkadmin.equinox_1.0.500.v20131211-1531.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\WB02201_.GIF 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Bibliography\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DVDHM.POC 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ogalegit.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_search_down.png 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\nb-NO\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\SONORA\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\RADIAL\RADIAL.ELM 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-dialogs.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0145272.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft SQL Server Compact Edition\v3.5\sqlceca35.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.console_1.1.0.v20140131-1639.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14533_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Swirl\HEADER.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\Sounds\Things\HORN.WAV 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\NotifierWindowMaskRTL.bmp 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\javafx-iio.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_box_left.png 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows NT\Accessories\en-US\wordpad.exe.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\images\dialdot.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Groove.en-us\SETUP.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152884.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SL01395_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\J0115866.GIF 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\OneNote\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\1040\hxdsui.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Installer\setup.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\novelty_dot.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Colombo 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\deploy\messages_pt_BR.properties 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00190_.WMF 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Desert\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libcroppadd_plugin.dll 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\az\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\lua\meta\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\visualization\libvisual_plugin.dll 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\SpeechEngines\Microsoft\TTS20\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Analysis Services\AS OLEDB\10\msmgdsrv.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0188669.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0240719.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PROTTPLV.PPT 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\Explorer.zip 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\rings-desk.png 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\PAPYRUS\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\org-netbeans-modules-templates.xml_hidden 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\OUTLOOK_K_COL.HXK 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Lime\TAB_ON.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGPICCAP.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Media Player\WMPNSSUI.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\1047x576black.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\DataServices\DESKTOP.INI 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR13F.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\ENV98.POC 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\psmachine_64.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe\Updater6\Adobe_Updater.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Anadyr 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107148.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR47B.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\LINE.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\system_s.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\CAPSULES\CAPSULES.INF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\PROFILE\PROFILE.INF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\STUDIO\PREVIEW.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105506.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\AcroForm\PMP\QRCode.pmp 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\System\ado\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\msdatl3.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-queries_ja.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\CST6CDT 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SL00712_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00694_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\OUTLOOK.DEV_COL.HXC 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\RADIAL\THMBNAIL.PNG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Scenes_LOOP_BG_PAL.wmv 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099149.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0285410.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Management.Instrumentation.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\msadc\msadcor.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Colombo 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Austin.thmx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR13F.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\logo.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0198022.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\Network Sharing\wmpnss_bw120.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0185778.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Urban.xml 403a1s0ssssd7da.exe File created C:\Program Files\Windows Mail\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\lib\deployed\jdk16\windows-amd64\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-sendopts.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Pago_Pago 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Tarawa 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105272.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\flower_m.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\drag.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\spacer_highlights.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\hy.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\NavigationUp_ButtonGraphic.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\SystemV\CST6 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107426.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\RESP98.POC 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\WindowsFormsIntegration.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\rssBackBlue_docked.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Small_News.jpg 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-core.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02443_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18208_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\WindowsBase.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\Ole DB\oledbvbs.inc 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-charts.xml 403a1s0ssssd7da.exe File created C:\Program Files\Java\jre7\lib\zi\Atlantic\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18199_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\EmptyDatabase.zip 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\bPrev-disable.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_left_pressed.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0187423.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\rtf_center.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\mspub.exe.manifest 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\libEGL.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\skins\skin.catalog 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE03513_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Lime\TAB_OFF.GIF 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\PUBBA\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libnfs_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\novelty_h.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\yo.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\FREN\MSB1FREN.ITS 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.p2.ui.overridden_5.5.0.165303.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15172_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Photo Viewer\en-US\PhotoAcq.dll.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\1033\MSOINTL.DLL.IDX_DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00008_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105414.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02743G.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME52.CSS 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR2F.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14790_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\WINWORD_F_COL.HXK 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libyuvp_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\hwrusash.dat 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_ja_4.4.0.v20140623020002\epl-v10.html 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH02166_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0146142.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0200383.WMF 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Sync Framework\v1.0\Runtime\x64\resources\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\sr\LC_MESSAGES\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\UseStart.mpg 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\BLUECALM\BLUECALM.INF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\SystemV\AST4ADT 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD21324_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\form_edit.js 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL058.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\RSSFeeds.html 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\CONCRETE\THMBNAIL.PNG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-9 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01747_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\buttonDown_Off.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\kinit.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-execution_zh_CN.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT+1 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD14710_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\msdaorar.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0216153.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\TexturedBlue.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\modern_settings.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_gray_foggy.png 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\SpeechEngines\Microsoft\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\org-netbeans-lib-profiler-ui.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.IdentityModel.Selectors.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\gadget.xml 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\EScript.api 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0145810.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02268_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\STS2\tab_off.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\button_left.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\softokn3.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\6.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\fa.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\boxed-delete.avi 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.nl_zh_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR46B.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\mn\LC_MESSAGES\vlc.mo 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Smart Tag\LISTS\1033\STOCKS.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Havana 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Sakhalin 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\as_IN\LC_MESSAGES\vlc.mo 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_gray_few-showers.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Annotations\Stamps\ENU\StandardBusiness.pdf 403a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\he.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\msadc\msaddsr.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Kiritimati 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SL01040_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\DataListIconImagesMask.bmp 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15169_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\InfoPathOM\Microsoft.Office.InfoPath.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PROOF\MSHY7EN.LEX 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-keyring-impl_ja.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Aqtobe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Hong_Kong 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0187881.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0286068.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\main_background.png 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Google\Temp\GUM2396.tmp\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AdobeLinguistic.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-compat_zh_CN.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\deploy\messages_sv.properties 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\fonts\LucidaSansRegular.ttf 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR51B.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL102.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.common_2.10.1.v20140901-1043\META-INF\MANIFEST.MF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.renderers.swt.nl_ja_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD00369_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\ado\msader15.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\btn-previous-static.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD00382_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME30.CSS 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\TravelIntroToMainMask_PAL.wmv 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\cmm\LINEAR_RGB.pf 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libfreeze_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libpuzzle_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_box_divider_right.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\button_right.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OneNote\SendToOneNoteUI.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-new_partly-cloudy.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Omsk 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.artifact.repository.nl_zh_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SY00132_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\J0115867.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\bg_LightSpirit.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_image-frame-backglow.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-keyring.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0301044.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\WebToolImages16x16.jpg 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\SectionHeading.jpg 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libsubstx3g_plugin.dll 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\pl-PL\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VBA\VBA7\1033\VBUI6.CHM 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\core\locale\core_visualvm.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0211981.WMF 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\plugins\visualization\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00524_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\item_hover_docked.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\config\Modules\org-netbeans-modules-profiler-selector-ui.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\SHAREPOINTPROVIDER.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\bPrev-down.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\NavigationUp_SelectionSubpicture.png 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.core\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-5 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.common_2.10.1.v20140901-1043\license.html 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.rcp.feature_1.2.0.v20140523-0116\license.html 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\prev_hov.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_search_up_BIDI.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\28.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\ZY______.PFB 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Media Player\en-US\WMPDMC.exe.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.util_1.0.500.v20130404-1337.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\rmid.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0187837.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\TN00234_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_output\libdrawable_plugin.dll 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\et-EE\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\javacpl.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02400_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE02263_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_id.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PSRCHSRN.DAT 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\SCDRESNL.ICO 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_box_left.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\ffjcext.zip 403a1s0ssssd7da.exe File created C:\Program Files\Java\jre7\bin\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BS01637_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Oriel.eftx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18252_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\button_right_mousedown.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jarsigner.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.docs.ja_5.5.0.165303.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0335112.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CNFNOT32.EXE 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Casual.css 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Sync Framework\v1.0\Runtime\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Accessibility.api 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Mozilla Maintenance Service\Uninstall.exe 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\keypad\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.workbench_3.106.1.v20140827-1737.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Andorra 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\BORDERS\MSART2.BDR 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\PROOF\1036\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows NT\TableTextService\TableTextServiceDaYi.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\11.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\square_m.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\ECLIPSE\THMBNAIL.PNG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jetty.continuation_8.1.14.v20131031.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH00057_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105280.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD21309_.GIF 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Publisher.en-us\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\alt-rt.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-masterfs-nio2.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\colorcycle.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Noumea 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BD05119_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsPrintTemplate.html 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.model.workbench.nl_zh_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE00998_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\TaskbarIconImages256Colors.bmp 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_foggy.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\mng2.txt 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.repository.nl_ja_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jetty.util_8.1.14.v20131031.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105232.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Antarctica\Davis 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105244.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Bibliography\Style\MLA.XSL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\orbd.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-host.jar 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Sidebar\Shared Gadgets\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Africa\Tunis 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Atikokan 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107722.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\intf\modules\host.luac 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleUpdateOnDemand.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\pt.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Bahia_Banderas 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AG00037_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15274_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\STUDIO\THMBNAIL.PNG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\STS2\background.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\msadcf.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\en-US\enu-dsk\M1033DSK.WIH 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jstack.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BS00145_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\SETLANG.HXS 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\45.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_search_over.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\setNetworkServerCP 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Indiana\Vevay 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\playlist\bbc_co_uk.luac 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\0.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\settings.html 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\XLCALL32.DLL 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\as_IN\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\plugins\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\ECLIPSE\ECLIPSE.ELM 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\META-INF\eclipse.inf 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0198113.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\PS2SWOOS.POC 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGATNGET.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_vi.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02361_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Median.thmx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\BORDERS\MSART15.BDR 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\DiscussionToolIconImages.jpg 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MSAEXP30.DLL 403a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\Microsoft.Build.Framework.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office32.en-us\SETUP.XML 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\System\msadc\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\msadc\msadcf.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE04050_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Waveform.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-options-keymap.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH01213K.JPG 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\ProjectTool\Project Report Type\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\plugins\d3d11\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\can03.ths 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\css\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\OneNote.en-us\OneNoteMUI.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\scrapbook.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-util.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD10307_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR40F.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\Computers\computericonMask.bmp 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\requests\playlist.json 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\reviewers.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ko-KR\tipresx.dll.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\NetworkServerControl.bat 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\SystemV\MST7MDT 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107742.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\SECREC.CFG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.widgets_1.0.0.v20140514-1823.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099175.WMF 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\Adobe\Help\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Internet Explorer\pdm.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.css.swt.nl_zh_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BD07831_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15170_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME50.CSS 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_right_pressed.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Couture.eftx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSTINTL.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.DynamicData.Design.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\be.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VSTO\vstoee100.tlb 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\Bear_Formatted_MATTE2_PAL.wmv 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\deploy.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-editor-mimelookup.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\flower_s.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\settings.html 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\fonts\LucidaBrightDemiItalic.ttf 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Perspective.eftx 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\ps\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\mozavcodec.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Elemental.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0300840.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL096.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Full\NavigationRight_SelectionSubpicture.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\15x15dot.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\java.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0200521.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00257_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\bNext.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\square_m.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\16.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1033\README.HTM 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\policytool.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\security\javafx.policy 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0234687.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\BRCHUR98.POC 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jface.databinding.nl_ja_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02058U.BMP 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18253_.WMF 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\VSTO\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\AppInfoDocument\Microsoft.VisualStudio.Tools.Office.AppInfoDocument\Microsoft.VisualStudio.Tools.Office.AppInfoDocument.v9.0.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00390_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\Calendar\GlobeButtonImageMask.bmp 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Wordcnvpxy.cnv 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office.en-us\OfficeMUISet.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\ARCTIC\PREVIEW.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\feature.properties 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BD09664_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0382927.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\Part\Comments.accdt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\en-US\WMPDMC.exe.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-last-quarter_partly-cloudy.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Data.Services.Client.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPOBJS.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00152_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SY01462_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD21313_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME13.CSS 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\ENV98SP.POC 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\api-ms-win-crt-process-l1-1-0.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\TipBand.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\background.png 403a1s0ssssd7da.exe File created C:\Program Files\Internet Explorer\en-US\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Chisinau 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107528.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Thunder_Bay 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR00.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\FS3BOX.POC 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\pa\LC_MESSAGES\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\DELETE.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\icucnv36.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_ja_4.4.0.v20140623020002\about.html 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Dawson 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Horizon.thmx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\REMOTES.ICO 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\rtf_pressed.gif 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\VSTO\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Riyadh 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD00076_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Slate\TAB_ON.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Costa_Rica 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.en_CA.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\16to9Squareframe_VideoInset.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\psfontj2d.properties 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.security_1.2.0.v20130424-1801.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Taipei 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Urban.eftx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD02141_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\ADD.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Blog.dotx 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\14\BIN\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\EST5 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\rarrow.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Mazatlan 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BD06200_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\MSBuild\Microsoft\Windows Workflow Foundation\v3.0\Workflow.VisualBasic.Targets 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libnsc_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\ca.pak 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\rt.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\playlist\youtube.luac 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-uihandler_ja.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\java_crw_demo.dll 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Lime.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libaribsub_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\main.html 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\SLATE\THMBNAIL.PNG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Internet Explorer\iediagcmd.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Cuiaba 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Amsterdam 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Dublin 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_corner_bottom_right.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\NavigationLeft_ButtonGraphic.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.garbagecollector.nl_zh_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_bg.dll 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\th-TH\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\fonts\LucidaBrightItalic.ttf 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105348.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\rtf_underline.gif 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\sv\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Internet Explorer\perf_nt.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01178_.WMF 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Help\2052\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME45.CSS 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\BrightYellow\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libdshow_plugin.dll 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\ECHO\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\ParentMenuButtonIcon.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107734.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0151067.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\J0115843.GIF 403a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Annotations\Stamps\ENU\Dynamic.pdf 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Soft Blue.htm 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-first-quarter_partly-cloudy.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jinfo.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CONVERT\DELIMDOS.FAE 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Stationery\1033\OFFISUPP.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\en-US\css\cpu.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_thunderstorm.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\MUSIC_01.MID 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Graph.exe.manifest 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\PROOF\3082\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGWEBSBR.DPV 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\turnOffNotificationInAcrobat.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OART.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\BORDERBB.POC 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\mobile_equalizer.html 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-spi-quicksearch.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD00799_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0315612.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02067_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\rtf_spellcheck.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\prev_down.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\msdaremr.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Journal\en-US\jnwdui.dll.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_double_orange.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\BLUEPRNT\PREVIEW.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\RTF_BOLD.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\bg_LightSpirit.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\ProjectToolsetIconImages.jpg 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MSACCESS.EXE 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\PublicAssemblies\Microsoft.VisualStudio.Tools.Applications.ComRPCChannel.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\Dialog.zip 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Proof.es\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VSTO\vstoee.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-host-remote_zh_CN.jar 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Biscay\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\DataType\Name.accft 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH00625_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libtospdif_plugin.dll 403a1s0ssssd7da.exe File created C:\Program Files\Windows Media Player\Media Renderer\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\GrayCheck\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\bg_FormsHomePage.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\bg_Premium.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\7-zip.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Warsaw 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0215718.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01840_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR25F.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\PresentationFramework.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\control\libhotkeys_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.browser.jdp_5.5.0.165303.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\NAVBRPH1.POC 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\MSBuild\Microsoft\Windows Workflow Foundation\v3.0\Workflow.Targets 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\sl\LC_MESSAGES\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libpostproc_plugin.dll 403a1s0ssssd7da.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Apia 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-jvmstat_zh_CN.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01743_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\VelvetRose.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\logo.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\Content.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_pl.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\META-INF\ECLIPSE_.RSA 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\meta-index 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO01569_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\drag.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fi-FI\tipresx.dll.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-io-ui_zh_CN.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Zaporozhye 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Journal\jnwdui.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Photo Viewer\ImagingDevices.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Smart Tag\FDATE.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Cancun 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE02285_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\DataType\Priority.accft 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CONVERT\DELIMWIN.FAE 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\LAUNCH.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Scenes_INTRO_BG.wmv 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\jp2iexp.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Costa_Rica 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0153299.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14578_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\ModuleAutoDeps\org-openide-filesystems.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\security\US_export_policy.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_single_bkg.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\info.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_thunderstorm.png 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\tr-TR\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\XML Files\Messenger.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PPTIRM.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\css\flyout.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\8.0\Microsoft.VisualStudio.Tools.Applications.DesignTime.tlb 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\text_renderer\libsapi_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\skins\fonts\FreeSans.ttf 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1033\ADO210.CHM 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\jdwp.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\images\cursors\win32_LinkDrop32x32.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN04269_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_es_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Vilnius 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\META-INF\ECLIPSE_.RSA 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ENGDIC.DAT 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\SECURS.ICO 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Push\1047x576black.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Yerevan 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0309598.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-new.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Garden.jpg 403a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\gl.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Lagos 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\jdwp.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15275_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\16_9-frame-image-inset.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.artifact.repository.nl_ja_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\1033\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\j2pcsc.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_zh_4.4.0.v20140623020002\feature.properties 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\CommsIncomingImage.jpg 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\appletviewer.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\dtplugin\npdeployJava1.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0292152.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\modules\dkjson.luac 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\INFINTL.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\UIAutomationTypes.dll 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL111.XML 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\QUERIES\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\fonts\LucidaBrightDemiBold.ttf 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Curacao 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\java.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0313974.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10267_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libyuy2_i422_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\pause_down.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\en-US\TipTsf.dll.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\25.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waning-crescent.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Norfolk 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\QuickStyles\Newsprint.dotx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\button_mid.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolIcons\SessionMember.ico 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\diner_h.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.Tools.Applications.Project.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-profiling.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH00443_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00918_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\FormsPreviewTemplate.html 403a1s0ssssd7da.exe File created C:\Program Files\Windows Media Player\Visualizations\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\epl-v10.html 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FINCL_02.MID 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0387591.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Concourse.eftx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MSTORE.EXE 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\ast\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\DVA.api 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Brunei 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.intro.nl_ja_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Perspective.xml 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Slate\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Oasis.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Swirl\TAB_ON.GIF 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\en-US\js\init.js 403a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\fr.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\ky.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jrunscript.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00921_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0188587.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\1036\hxdsui.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Cartridges\Informix.xsl 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Icons\XDPFile_8.ico 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\oisctrl.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Postage_SelectionSubpicture.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Internet Explorer\en-US\iedvtool.dll.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\include\win32\bridge\AccessBridgePackages.h 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\macroprogress.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MEDIA\TYPE.WAV 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_divider.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD00428_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Solutions\Person.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSOUC.HXS 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\hint_down.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_cs.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR47B.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGACCBOX.DPV 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-bg_gloss-wave_35_f6a828_500x100.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\16to9Squareframe_Buttongraphic.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\net.properties 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00629_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO01561_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SY00792_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\services_discovery\libwindrive_plugin.dll 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Adobe\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\forms_distributed.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_corner_top_left.png 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\si\LC_MESSAGES\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_mpegvideo_plugin.dll 403a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\en-US\css\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\triggerEvaluators.exsd 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Tokyo 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0186348.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\misc.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Stationery\1033\CURRENCY.HTM 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\Media Renderer\avtransport.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\8.0\VSTARemotingServer.tlb 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\base-docked.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\MS.CGM 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.net.nl_zh_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\POWERPNT.DEV_COL.HXC 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\ProjectToolsetIconImagesMask.bmp 403a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\js\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\ko-KR\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\16_9-frame-image-mask.png 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Sync Framework\v1.0\Documentation\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\images\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows NT\TableTextService\TableTextServiceDaYi.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Nome 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.common_2.10.1.v20140901-1043\epl-v10.html 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Kolkata 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL110.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_it.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Aqtobe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-loaders.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00487_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\IPM.CFG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.IT.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\BIZCARD.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ka\LC_MESSAGES\vlc.mo 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\glass.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Algiers 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT+5 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105336.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE 403a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\120DPI\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.CO.IN.XML 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\plugins\audio_mixer\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\misc\libexport_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\kab.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\DEEPBLUE\DEEPBLUE.ELM 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Push\1047_576black.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\ext\sunec.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HTECH_01.MID 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Annotations\Stamps\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\ar.pak 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\corner.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0384895.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00168_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Black Tie.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Bibliography\Sort\AUTHOR.XSL 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107746.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0382967.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\J0143744.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\MSClientDataMgr\MSCDM.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\AXIS\PREVIEW.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Monrovia 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0101867.BMP 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105276.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\css\RSSFeeds.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Library\SOLVER\SOLVER.XLAM 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PPTIRMV.XML 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\plugins\d3d9\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\requests\README.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Roses.htm 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Simferopol 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Waveform.eftx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\rtf_choosecolor.gif 403a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libsamplerate_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\services_discovery\libupnp_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Media Player\Media Renderer\DMR_120.jpg 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jface_3.10.1.v20140813-1009.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00192_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\TN01164_.WMF 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Library\SOLVER\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\SpringGreen\BUTTON.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\system.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\flyout.html 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_ta.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\liblibmpeg2_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\EXPEDITN\THMBNAIL.PNG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\ado\msado15.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\SCHDREQ.CFG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Installed_schemas14.xss 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Sync Framework\v1.0\Runtime\x64\Synchronization.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Thatch.eftx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME19.CSS 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\Adobe\Help\en_US\Adobe Reader\9.0\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\osppobjs-spp-plugin-manifest-signed.xrm-ms 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOLoader.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\stopNetworkServer 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.sat4j.pb_2.3.5.v201404071733.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-ui_zh_CN.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\curl-hot.png 403a1s0ssssd7da.exe File created C:\Program Files\7-Zip\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\USP10.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\AUTHZAX.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\POSTS.ICO 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\ProjectTool\Project Report Type\Fancy\Hierarchy.xsl 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\flower.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\sq.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\resources.jar 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.rcp.feature_1.2.0.v20140523-0116\META-INF\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\org-openide-util-lookup.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00453_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\id.pak 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\en-US\gadget.xml 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\plugins\codec\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libplaylist_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\4to3Squareframe_SelectionSubpicture.png 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.rcp.zh_CN_5.5.0.165303\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\management\management.properties 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH01265U.BMP 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\ach\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\trad.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Internet Explorer\en-US\DiagnosticsTap.dll.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\logging.properties 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02790_.WMF 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\plugins\video_output\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AXE8SharedExpat.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\rmic.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Abidjan 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\CONVERT\1033\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.Extensions.Design.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\icon.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AMT\AUMProduct.aup 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-waning-crescent.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Blue_Gradient.jpg 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02755U.BMP 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01246_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Trek.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD14769_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT-11 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN04267_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0292270.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\button_left_over.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ui_2.3.0.v20140404-1657.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0233512.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MCPS.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\item_hover_flyout.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\ja.pak 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Defender\MsMpLics.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\MS.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Boa_Vista 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Ashgabat 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\Part\Issues.accdt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\CourierStd-Bold.otf 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14530_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PPSLAX.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\21.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\flower_precomp_matte.wmv 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0197979.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02749G.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\WB00703L.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Verve.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\VSTA\Bin\1033\VSTAClientPkgUI.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\en-US\css\currency.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AG00092_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR46B.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\Sounds\Places\LASER.WAV 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\ky\LC_MESSAGES\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\uninstall\uninstall.log 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\New_York 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0145361.JPG 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\br\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\LAYERS\LAYERS.ELM 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyMainBackground.wmv 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jli.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\jp2iexp.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\w2k_lsa_auth.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\Contracts\Microsoft.VisualStudio.Tools.Office.Contract.v9.0.dll 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\plugins\demux\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\misc\libaddonsvorepository_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\MSEnv\PublicAssemblies\extensibility.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\PreviousMenuButtonIconSubpi.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.databinding.observable.nl_ja_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Monaco 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\CalendarToolIconImagesMask.bmp 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\ff\LC_MESSAGES\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\InfoPathOM\InfoPathOMV12\Microsoft.Office.Infopath.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\OrangeCircles.jpg 403a1s0ssssd7da.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-jvm.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Oral 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Slipstream.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0196164.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\North_Dakota\Beulah 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0145669.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\Gadget_Flyout_Thumbnail_Shadow.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\liblpcm_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\SKY\THMBNAIL.PNG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\config\Modules\org-netbeans-modules-profiler-snaptracer.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\glib-lite.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0195534.WMF 403a1s0ssssd7da.exe File created C:\Program Files\Mozilla Firefox\gmp-clearkey\0.1\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\de.pak 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\resources.pak 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-masterfs-nio2.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Asuncion 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Danmarkshavn 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\IEContentService.exe 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\PublicAssemblies\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.operations_2.4.0.v20131119-0908.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-openide-windows.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\FLY98SP.POC 403a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Google\Temp\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\NavigationRight_SelectionSubpicture.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-api-search.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Argentina\San_Juan 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0281632.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02404_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\ModuleAutoDeps\org-openide-execution.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PARNT_04.MID 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Microsoft.Office.Interop.InfoPath.SemiTrust.xml 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Microsoft Visual Studio 8\SDK\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OLKFSTUB.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Media Player\en-US\wmpnssui.dll.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Thunder_Bay 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\OUTLWVW.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBBA\MSPUB6.BDR 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\ia\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\am\LC_MESSAGES\vlc.mo 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\en-US\settings.html 403a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\readme.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-host_zh_CN.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\instrument.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OFFRHD.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGMN095.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\en-US\mip.exe.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\8.0\Microsoft.VisualStudio.Tools.Applications.Blueprints.tlb 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\da-DK\tipresx.dll.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BS00136_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107730.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0287645.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-full.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\bg_Earthy.gif 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\sq\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\en-US\js\weather.js 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\bandwidth.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-core-execution.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18201_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSPUB.OPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\EXITEM.CFG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\calendars.properties 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Indian\Christmas 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroPDF.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\dtplugin\deployJava1.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\lib\locale\jfluid-server_zh_CN.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Analysis Services\AS OLEDB\10\Cartridges\sql70.xsl 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01242_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\psmachine.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_hail.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_ring_docked.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\TabIpsps.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Push\NavigationLeft_SelectionSubpicture.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0285792.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsHomePageStyle.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\Contacts.accdt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0151055.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Internet Explorer\ie9props.propdesc 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\VBA\VBA7\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPWMI.MOF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL106.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libanaglyph_plugin.dll 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\RedistList\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\Title_content-background.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT+1 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.ui_5.5.0.165303.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0153508.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-sa_ja.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.COM.BR.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PROOF\1036\MSGR3FR.DLL 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\hi\LC_MESSAGES\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows NT\TableTextService\TableTextService.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.model.workbench.nl_ja_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Analysis Services\AS OLEDB\10\Cartridges\as80.xsl 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsHomePageScript.js 403a1s0ssssd7da.exe File created C:\Program Files\WindowsPowerShell\Modules\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\System\ado\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\EST 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH01923_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02958_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\bg_VelvetRose.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\bg_Earthy.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Desert.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\pl.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\720x480icongraphic.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\images\cursors\win32_CopyNoDrop32x32.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0241773.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01294_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME12.CSS 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR22F.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\Sounds\People\Whistling.wav 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\macHandle.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-dialogs.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02794_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18235_.WMF 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Biscay\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\Sounds\Things\SPLASH.WAV 403a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\144DPI\(144DPI)redStateIcon.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\SaslPrep\SaslPrepProfile_norm_bidi.spp 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Photo Viewer\en-US\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Antigua 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Phoenix 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0296279.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\InformationIcon.jpg 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-openide-nodes.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\api-ms-win-crt-locale-l1-1-0.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\logo.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libspatializer_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\glow.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\Ole DB\xmlrw.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-jmx_zh_CN.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR10F.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MSPST32.DLL 403a1s0ssssd7da.exe File created C:\Program Files\Mozilla Firefox\gmp-clearkey\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0384900.JPG 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Templates\1033\Access\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-application_zh_CN.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Newsprint.thmx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Civic.eftx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\OMSINTL.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\PDFPrevHndlr.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages_pt_BR.properties 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Pohnpei 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.frameworkadmin.equinox.nl_ja_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveDocumentReview\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Acrofx32.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\MARQUEE.POC 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_flac_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\icudt36.dll 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\cs-CZ\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\derby_common.bat 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\deploy\messages_it.properties 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AG00172_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\mset7jp.kic 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\83.0.4103.106\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_blue_windy.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jface.databinding.nl_zh_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\lua\extensions\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\daisies.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\BLUECALM\BLUECALM.ELM 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\J0143746.GIF 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\FORMS\1033\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\cronometer_dot.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\win\CP1257.TXT 403a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\uk.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099168.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21316_.GIF 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Portable Devices\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolIcons\CHEVRON.ICO 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\mset7tk.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\warning.gif 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Outlook.en-us\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Wallis 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\org-netbeans-core-output2.xml_hidden 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Adobe.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\DLGSETP.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\nb.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01163_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ADDINS\PMAILEXT.ECF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsViewAttachmentIconsMask.bmp 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\SIGN.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Beirut 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Search.api 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\js\calendar.js 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\gadget.xml 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\images\cursors\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CONVERT\1033\OLADDR.FAE 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\QuizShow.potx 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\InkDiv.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\en-US\js\init.js 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\ktab.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\J0115834.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\rtf_justify.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\MSBuild\Microsoft\Windows Workflow Foundation\v3.5\Workflow.VisualBasic.Targets 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\jsoundds.dll 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\Adobe AIR\Versions\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\CLASSIC2.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00798_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\INFOPATH_COL.HXT 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ONWordAddin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\ado\msadomd28.tlb 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.core\cache\binary\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0106958.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0187921.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\SETLANG_F_COL.HXK 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\SWBELL.NET.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\TWORIENT.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\EPSIMP32.FLT 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\ado\msado20.tlb 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-host-views.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01154_.WMF 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\Sounds\Places\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.services_1.1.0.v20140328-1925.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Verve.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\BG_ADOBE.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Multimedia\MPP\QuickTime.mpp 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_frame-shadow.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-applemenu_zh_CN.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\CORPCHAR.TXT 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0214934.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21375_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\REMOTEL.ICO 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\Help\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\Web Folders\1033\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\WMM2CLIP.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-sampler_zh_CN.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Panama 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libscreen_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libball_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\Network Sharing\MediaReceiverRegistrar.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_few-showers.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGMN065.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ia\LC_MESSAGES\vlc.mo 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\playlist\newgrounds.luac 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_ru.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Moncton 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WING1.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\INFOPATHEDITOR.HXS 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\WWINTL.DLL.IDX_DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libadf_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\en-US\js\library.js 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0185774.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR31F.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Swirl\TAB_ON.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT+9 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-attach_ja.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-coredump.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-attach.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152568.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libequalizer_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\CENTEURO.TXT 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Defender\MpClient.dll 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\sv-SE\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\scene_button_style_default_Thumbnail.bmp 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Hobart 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Sts2.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolIcons\INCOMING.ICO 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\Gadget_Main_Background_QuickLaunch.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Checkers.api 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_hi.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Indiana\Petersburg 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-host-remote.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE01172_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02263_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGMN092.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\PresentationCore.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\en-US\cpu.html 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\leftnav.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\TAIL.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PPINTL.REST.IDX_DLL 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\ro\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\1046\hxdsui.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\images\cursors\win32_CopyDrop32x32.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH00334_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107152.WMF 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\ECHO\PREVIEW.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\Salta 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\cmm\CIEXYZ.pf 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0318804.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MAPISHELLR.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\META-INF\MANIFEST.MF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Jerusalem 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\ru\LC_MESSAGES\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Media Player\wmlaunch.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-waning-crescent_partly-cloudy.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ShapeCollector.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.rcp.feature_1.2.0.v20140523-0116\feature.properties 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-autoupdate-services.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0199429.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0287644.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD00403_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0199283.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CONVERT\OLTASK.FAE 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\THOCR.PSP 403a1s0ssssd7da.exe File created C:\Program Files (x86)\MSBuild\Microsoft\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MOR6INT.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CONVERT\ODBC.SAM 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\Students.accdt 403a1s0ssssd7da.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\jsoundds.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Australia\Adelaide 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BD00173_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD21332_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft.NET\Primary Interop Assemblies\Microsoft.stdformat.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\curl.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21422_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\SLATE\SLATE.ELM 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Antarctica\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.director.app.nl_ja_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107146.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE03795_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\images\dial_lrg.png 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Defender\en-US\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\Microsoft.Ink.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\pt-BR\tipresx.dll.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office.en-us\OSETUPUI.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-windows_ja.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00274_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\config\Modules\org-netbeans-modules-profiler.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Amman 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14981_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\TimeCard.xltx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\javaws.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsHomePageStyle.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\31.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Hand Prints.htm 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\PIXEL\PIXEL.INF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\EET 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL012.XML 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\plugins\keystore\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\WidevineCdm\_platform_specific\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\msdfmap.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Mozilla Maintenance Service\updater.ini 403a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\hi.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\zh-dayi.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\OSETUP.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\mix.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_left_disabled.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_cloudy.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\java.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\ZoomIconsMask.bmp 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\OrielReport.Dotx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_copy_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\J0115844.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\AUDIOSEARCHLTS.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AGM.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\content-types.properties 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Ulaanbaatar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Saipan 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.rcp.ja_5.5.0.165303\feature.properties 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-jvm_zh_CN.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleUpdateHelper.msi 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_right_pressed.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipssrl.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.historicaldata.zh_CN_5.5.0.165303.jar 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Flow.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_left_disabled.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD00413_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\images\Other-48.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\mr.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.reconciler.dropins_1.1.200.v20131119-0908.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\wsdetect.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Whitehorse 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Honolulu 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\fr\LC_MESSAGES\vlc.mo 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\EXPLR_01.MID 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libgaussianblur_plugin.dll 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\bg-BG\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Scene_loop.wmv 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.http.registry_1.1.300.v20130402-1529.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.console.nl_zh_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00254_.WMF 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\14\BIN\1033\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE02265_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\OliveGreen.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL002.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\diner.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libparam_eq_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Mail\en-US\WinMail.exe.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099147.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Americana\TAB_ON.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\ACTIVITS.ICO 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Microsoft.Office.BusinessApplications.Runtime.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\SCNPST32.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0090777.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0186346.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GRINTL32.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\UnreadIconImagesMask.bmp 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\ja\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\nn.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\org-netbeans-modules-uihandler.xml_hidden 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\ENU\VDK10.STC 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.ServiceModel.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\NavigationLeft_ButtonGraphic.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\meta-index 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00122_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1036\MSO.ACL 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\Dataset.zip 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\Notes_content-background.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Toronto 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\EXCEL.DEV_COL.HXC 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\STS2\background.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\base-undocked-2.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Atlantic\Azores 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Web Server Extensions\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_corner_top_left.png 403a1s0ssssd7da.exe File created C:\Program Files\Windows Portable Devices\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\msdaprsr.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waxing-crescent_partly-cloudy.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Moscow 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\lib\gimap.jar 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO01568_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR11F.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\Welcome Tool\IconImagesMask.bmp 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_box_bottom.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SL00268_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18221_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSPUB_F_COL.HXK 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\POWERPNT_K_COL.HXK 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\StopIconMask.bmp 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\OUTLPERF.INI 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\SubsetList\Client.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\include\jvmti.h 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-sendopts_ja.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\charsets.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\fonts\LucidaTypewriterRegular.ttf 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0178932.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\symbols.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Biscay\TAB_ON.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\cronometer_dot.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\NavigationRight_ButtonGraphic.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OLKIRM.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ONMAIN.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Mail\WinMail.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\system_m.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\ViewHeaderPreview.jpg 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\api-ms-win-crt-stdio-l1-1-0.dll 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\include\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-keyring_ja.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-modules-appui.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0103058.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\DOCS.ICO 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR10F.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OISAPP.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libdemux_cdg_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.historicaldata.ja_5.5.0.165303.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD00586_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0313970.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18217_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15056_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\timer_over.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AG00139_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0297749.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\CircleIconsMask.bmp 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\th\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\32.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\plugins.dat 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\buttonDown_On.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\PPKLite.api 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\symbols\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\ado\adojavas.inc 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.ecore_2.10.1.v20140901-1043\feature.properties 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH03143I.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\MSBuild\Microsoft\Windows Workflow Foundation\v3.5\Workflow.Targets 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSORES.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\bNext-down.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\28.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\sidebar.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\javax.xml_1.3.4.v201005080400.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-execution_zh_CN.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02041_.WMF 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Help\1028\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\flyout.html 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1033\MSSOAPR3.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01298_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\WITHCOMP.XML 403a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\en-US\js\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-new_partly-cloudy.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105368.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107748.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR7B.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipsdan.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\TravelIntroToMainMask.wmv 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Niue 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-io-ui_ja.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AG00130_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Stationery\1033\DADSHIRT.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\sd\icecast.luac 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\modern.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Stationery\1033\NOTEBOOK.HTM 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\Part\Tasks.accdt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\spu\liblogo_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Martinique 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.commons.logging_1.1.1.v201101211721.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-explorer_zh_CN.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099164.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\bg_GreenTea.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libdeinterlace_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\wmpenc.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_search_up.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Antarctica\Davis 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Chuuk 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN01216_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PSRETRO.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR7F.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\ONGuide.onepkg 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\AlertImage_ContactLow.jpg 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\PROPLUS\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\Title_select-highlight.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Internet Explorer\en-US\F12Tools.dll.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Pontianak 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0301076.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\javax.inject_1.0.0.v20091030.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGZIPC.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_pt-PT.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\Microsoft.Build.Conversion.v3.5.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\pipanel.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\en-US\js\localizedStrings.js 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.ecore_2.10.1.v20140901-1043\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\images\cursors\cursors.properties 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Australia\Melbourne 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\ckb\LC_MESSAGES\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\ro\LC_MESSAGES\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH00636_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Pushpin.xml 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\lg\LC_MESSAGES\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\button-highlight.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages_zh_CN.properties 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Bahia_Banderas 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.core\cache\binary\com.jrockit.mc.rcp.product_root_5.5.0.165303 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BS00135_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\can.fca 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libqsv_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Mail\wabimp.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD01659_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152882.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE02957_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\NavigationRight_ButtonGraphic.png 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_zh_4.4.0.v20140623020002\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\META-INF\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Enderbury 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Analysis Services\AS OLEDB\10\Cartridges\sql2000.xsl 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD21303_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Journal\Templates\To_Do_List.jtp 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\EQUATION\eqnedt32.exe.manifest 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Enderbury 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\SoftBlue\TAB_ON.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Auckland 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\AlertImage_FileHighMask.bmp 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\TURKISH.TXT 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_left_rest.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_corner_bottom_left.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MSOUC.EXE 403a1s0ssssd7da.exe File created C:\Program Files\Windows NT\TableTextService\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Lindeman 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\jvm.lib 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Iqaluit 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\WB02116_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\DELETE.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR42F.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\skins\fonts\FreeSansBold.ttf 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Resources\1033\msolui100.rll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.swt.nl_ja_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\BCSRuntimeRes.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Desert\TAB_ON.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR17F.GIF 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\CONVERT\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\plugins\stream_filter\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_description_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\en-US\js\library.js 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-1 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01772_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\WB00760L.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsViewFrame.html 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\SIDEBARBB.DPV 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\default_apps\gmail.crx 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\en-US\settings.html 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\images\back_lrg.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_ko_KR.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\jsdt.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01244_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Solutions\Document.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\mux\libmux_mp4_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\pkeyconfig.companion.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.swt_3.103.1.v20140903-1938.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Paper.eftx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\control\libntservice_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTO\vstoee100.tlb 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\deploy.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Niue 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21312_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\CommsOutgoingImage.jpg 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\wa\LC_MESSAGES\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows NT\TableTextService\TableTextServiceArray.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0090087.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152556.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\TN00095_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14869_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL001.XML 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Slate\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libsubsdec_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\VDK10.THD 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.transport.ecf.nl_zh_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0199465.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.Routing.dll 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\plugins\gui\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\add_down.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.alert_5.5.0.165303.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.w3c.dom.svg_1.1.0.v201011041433.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-util-enumerations.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\QuestionIconMask.bmp 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\ado\msadox28.tlb 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD21328_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\WINWORD.EXE 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-first-quarter.png 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Belem 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH00623_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Origin.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Horizon.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Jamaica 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0174639.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0149627.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\mscss7wre_es.dub 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\Packages\Debugger\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\26.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification.zh_CN_5.5.0.165303.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-application.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01138_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0187815.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0195384.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\2.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\fa.pak 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\system_settings.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.di.nl_zh_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-oql_ja.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02810J.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_output\libwinhibit_plugin.dll 403a1s0ssssd7da.exe File created C:\Program Files\WindowsPowerShell\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolIcons\INDOMAIN.ICO 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Microsoft.SharePoint.BusinessData.Administration.Client.xml 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BS00442_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105846.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0153307.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0185670.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.common_2.10.1.v20140901-1043\META-INF\ECLIPSE_.SF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsHomePageStyle.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\SelectConvertFrom.ogg 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\diner_h.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\redmenu.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\UTC 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\TWSTRUCT.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\NavigationRight_SelectionSubpicture.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\NOTICE 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-core-output2.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00389_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR47F.GIF 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\REFINED\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\Web Folders\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\INDUST\INDUST.INF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\vistabg.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\NextMenuButtonIcon.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libspdif_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\review_email.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-first-quarter.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Icons\PDFFile_8.ico 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AG00090_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\bg_Groove.gif 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\cgg\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\th\LC_MESSAGES\vlc.mo 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libsatip_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipsnor.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.rcp_4.4.0.v20141007-2301\epl-v10.html 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSPUB_COL.HXT 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR21F.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-bg_highlight-soft_100_eeeeee_1x100.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\about.html 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ui.sdk_1.0.300.v20140407-1803.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\gadget.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libextract_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Journal\JNTFiltr.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_left_rest.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\7z.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT+12 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Rangoon 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\QP.DPV 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Data.Services.Client.dll 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Microsoft.NET\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-waxing-gibbous.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.WorkflowServices.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-sa.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0158477.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01468_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBBA\MSPUB1A.BDR 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-nodes.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AG00103_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02368_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\BORDERS\MSART11.BDR 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.zh_CN_5.5.0.165303.jar 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\InfoPathOM\InfoPathOMFormServices\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\AdjacencyResume.dotx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows NT\TableTextService\en-US\TableTextService.dll.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0199279.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\en-US\cpu.html 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\en-US\css\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\base_altgr.xml 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\amd64\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\fontconfig.bfc 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Broken_Hill 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.help.nl_zh_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\bPrev-down.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-7 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02039U.BMP 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\QuickStyles\Formal.dotx 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\lt\LC_MESSAGES\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libfps_plugin.dll 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.DynamicData.Design.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\NavigationRight_ButtonGraphic.png 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\Certificates\groove.net\ManagedObjects\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\STARTUP\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\9.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\ado\msadrh15.dll 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\PowerPoint.en-us\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACETXT.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Word.en-us\SETUP.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0239611.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0386485.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\NotifierWindowMask.bmp 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\rtf_alignright.gif 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\web\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\LEVEL\LEVEL.ELM 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\JdbcOdbc.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\servertool.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-javahelp_zh_CN.jar 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\ks_IN\LC_MESSAGES\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libflac_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-first-quarter_partly-cloudy.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\olh.htm 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-editor-mimelookup_ja.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Thatch.thmx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ADDINS\FAXEXT.ECF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\GIFT98.POC 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\playlist\rockbox_fm_presets.luac 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_ca.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\msadc\msadcs.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\jsdt.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Almaty 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107290.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\RTF_BOLD.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\GroupConvert.ADT 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Austin.eftx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18257_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\sqlxmlx.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Internet Explorer\JSProfilerCore.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\triangle.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\split.avi 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VBA\VBA7\1033\FM20.CHM 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR5B.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\CNFNOT.ICO 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\bg_FormsHomePageBlank.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\server\jvm.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\fonts\LucidaBrightRegular.ttf 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\UIAutomationClientsideProviders.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\AXIS\AXIS.INF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Thimphu 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-threaddump_ja.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0187819.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSACCESS_COL.HXC 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0293234.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolIcons\gfserrorfromgroove.ico 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Journal\Templates\Genko_1.jtp 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\en-US\OmdProject.dll.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\feature.properties 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-core-execution.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BD10972_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0145895.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BD08773_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00670_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_bn.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\DataSet.zip 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\ICE\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14755_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\playlist\anevia_streams.luac 403a1s0ssssd7da.exe File created C:\Program Files\Windows NT\TableTextService\en-US\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0157831.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\SAEXT.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\AboutBox.zip 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\wmpnscfg.exe 403a1s0ssssd7da.exe File created C:\Program Files (x86)\MSBuild\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\jp2ssv.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\security\trusted.libraries 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Kolkata 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\SUBMIT.JS 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\DELETE.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Belgrade 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0281640.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\BDRTKFUL.POC 403a1s0ssssd7da.exe File created C:\Program Files\MSBuild\Microsoft\Windows Workflow Foundation\v3.0\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10254_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ENGLISH.LNG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\SMIMES.CFG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\DESIGNER\MSADDNDR.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DenyCompare.aif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\images\cursors\win32_LinkDrop32x32.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0153273.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18227_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\TipsImageMask.bmp 403a1s0ssssd7da.exe File created C:\Program Files (x86)\MSBuild\Microsoft\Windows Workflow Foundation\v3.5\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Internet Explorer\DiagnosticsTap.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\Form.zip 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\BIZFORM.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\kk.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\BREEZE\BREEZE.INF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\locale\boot_ja.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\CNFRES.CFG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\rtf_choosefont.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_thunderstorm.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\CANYON\THMBNAIL.PNG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0200273.WMF 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Americana\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolIcons\SpaceSelector.ico 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\cs.pak 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0299763.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\AccessWeb\RPT2HTM4.XSL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_blue_partly-cloudy.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Tiki.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Sakhalin 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Urumqi 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\icons\file_obj.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH01242_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_btn-over-DOT.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0291794.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\EXCEL.DEV_COL.HXT 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MSPPT.OLB 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\cs-CZ\tipresx.dll.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\TASK.CFG 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Internet Explorer\msdbg2.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\circle_glass_Thumbnail.bmp 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0315447.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\mozavutil.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD21307_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libdvbsub_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\NETWORK\THMBNAIL.PNG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jvisualvm.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\jawt.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Belem 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0302953.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR8F.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGMN110.XML 403a1s0ssssd7da.exe File created C:\Program Files\Windows Defender\en-US\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.core_5.5.0.165303\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Vienna 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.databinding.observable_1.4.1.v20140210-1835.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BD00155_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0229385.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\rings-desk.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\chrome_200_percent.pak 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32Info.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\images\glass.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waxing-gibbous_partly-cloudy.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\RICEPAPR\THMBNAIL.PNG 403a1s0ssssd7da.exe File created C:\Program Files\Java\jre7\bin\plugin2\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\CET 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ne\LC_MESSAGES\vlc.mo 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_gray_snow.png 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\GRDEN_01.MID 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0158007.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_extractor\libarchive_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows NT\TableTextService\TableTextServiceYi.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Notes_LOOP_BG_PAL.wmv 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Rankin_Inlet 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH01179J.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\UIAutomationProvider.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\trad.png 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\oskmenu\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Atlantic\Cape_Verde 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Atlantic\South_Georgia 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0296277.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0305257.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\RADIAL\PREVIEW.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Oasis\TAB_ON.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGMN027.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\liblive555_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\GREEK.TXT 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\Settings.zip 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Tashkent 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\config\Modules\org-netbeans-modules-profiler-api.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00252_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\BrightOrange.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGMN111.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\CUPINST.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0178523.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\AXIS\AXIS.ELM 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\babyblue.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.css.core.nl_ja_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.publisher.eclipse.nl_ja_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-autoupdate-services.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\nss3.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libhttp_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\PAPYRUS\THMBNAIL.PNG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\NavigationUp_ButtonGraphic.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0304853.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SY01006_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0216516.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15018_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Sts.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_output\libdirect3d11_plugin.dll 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\EURO\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-heapwalker_zh_CN.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00105_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00526_.WMF 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Resources\1033\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files\Java\jre7\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0282928.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15276_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\STRTEDGE\STRTEDGE.INF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\decorative_rule.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4_default_winxp_blu.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-javahelp.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Africa\Ceuta 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Data.Entity.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\whitemenu.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MLSHEXT.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\NL7Data0011.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02758U.BMP 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsViewFrame.html 403a1s0ssssd7da.exe File created C:\Program Files\Reference Assemblies\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\CGMIMP32.FNT 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Atlantic\Canary 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\topnav.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Araguaina 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HM00426_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\penchs.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_corner_bottom_left.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Indian\Maldives 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN04369_.WMF 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Library\Analysis\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Defender\MpEvMsg.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Icons\SC_Reader.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GROOVE_COL.HXC 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormToolImages.jpg 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\STRBRST.POC 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\MS.WPG 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\images\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Tokyo 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.e4.rcp_1.3.100.v20141007-2033\epl-v10.html 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\lib\imap.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\activity16v.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\shuffle_over.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.jarprocessor.nl_ja_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-openide-loaders.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH00669_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Photo Viewer\PhotoViewer.dll 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\icons\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-text_ja.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152694.WMF 403a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Application Installer.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0285926.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ACCVDT.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\SpringGreen\TAB_ON.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\TipTsf.dll.mui 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\SpeechEngines\Microsoft\TTS20\en-US\enu-dsk\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\msadc\en-US\msadcer.dll.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Montevideo 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099189.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\msvcp140.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\zu\LC_MESSAGES\vlc.mo 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0281638.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsViewAttachmentIconsMask.bmp 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\bg_FormsHomePageBlank.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\AccessibleMarshal.dll 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\square_h.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\default_apps\external_extensions.json 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\ku-ckb.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\EQUATION\EQNEDT32.CNT 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Malta 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18224_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\browser\features\[email protected] 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\en-GB.pak 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\wlsrvc.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0136865.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00941_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18250_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_autodel_plugin.dll 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\TextConv\en-US\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\15x15dot.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Solutions\arrow.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\button_right_over.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\AMERITECH.NET.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\nav_uparrow.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Internet Explorer\en-US\F12.dll.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-settings.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107288.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Composite.thmx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBBA\MSPUB9.BDR 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\CMap\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Bibliography\Style\ISO690Nmerical.XSL 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\logo.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.win32.win32.x86_64_1.1.200.v20141007-2033\eclipse_1655.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-uisupport_zh_CN.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01179_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00914_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01243_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Kuching 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00222_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\CollectSignatures_Sign.xsn 403a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Uninstall.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\es-ES\tipresx.dll.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\16_9-frame-highlight.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\javaw.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Minsk 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libwave_plugin.dll 403a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\js\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\7zFM.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derbynet.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT+7 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00098_.WMF 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsTemplates\Hiring Requisition - Customized.fdt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\SONORA\SONORA.INF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\feature.properties 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00633_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\UnreadIcon.jpg 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\DATETIME.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\EXCEL.EXE 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\SCHDCNCL.CFG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\GRAPH.EXE 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Eucla 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Barbados 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Easter 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099163.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH03224I.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Americana.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL016.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AdobeXMP.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\XmlFile.zip 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\SPRING\PREVIEW.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.diagnostic_5.5.0.165303.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.jarprocessor.nl_zh_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-sa_zh_CN.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\POSTITS.ICO 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\Sounds\Things\SHOVEL.WAV 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\ENUtxt.pdf 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SceneButtonInset_Alpha1.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jmap.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-uihandler.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0148309.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00505_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.batik.css_1.7.0.v201011041433.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Aqtau 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0382925.JPG 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\lua\http\js\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\heart_glass_Thumbnail.bmp 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\about.html 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Desert\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\XML Files\StarterNotificationDescriptors.xml 403a1s0ssssd7da.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\HST 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\POWERPNT.HXS 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\MSInfo\en-US\msinfo32.exe.mui 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\bin\plugin2\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\update_tracking\org-netbeans-lib-profiler-charts.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH03205I.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\LAUNCH.GIF 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\bg\LC_MESSAGES\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\end_review.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\MinionPro-Regular.otf 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\rtf_center.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGWEBHD.DPV 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACEODDBS.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\security\java.security 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Analysis Services\AS OLEDB\10\Cartridges\Sybase.xsl 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14514_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\Shared24x24ImagesMask.bmp 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\NavigationLeft_SelectionSubpicture.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\North_Dakota\Beulah 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD02075_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\README-JDK.html 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\pt_BR\LC_MESSAGES\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libmirror_plugin.dll 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\lua\http\dialogs\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\Network Sharing\wmpnss_color48.jpg 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.simpleconfigurator.manipulator_2.0.0.v20131217-1203.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\gtkHandle.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-progress-ui.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0149481.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14656_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\eula.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN04196_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libscaletempo_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.DynamicData.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\44.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipsjpn.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Full\NavigationUp_SelectionSubpicture.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-11 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ui.sdk.nl_ja_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Eirunepe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\form_edit.js 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-first-quarter.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\brt04.hsp 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Australia\Hobart 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01039_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107494.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00807_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE03257_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Irkutsk 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0250504.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\icon.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\JOURNAL\PREVIEW.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\ado\msado28.tlb 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\META-INF\MANIFEST.MF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Guyana 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Havana 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-new_partly-cloudy.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\VISSHE.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\reflow.api 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\review_shared.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\javaws.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\w2k_lsa_auth.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\security\javaws.policy 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107300.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME21.CSS 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Smart Tag\IMCONTACT.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Notes_loop_PAL.wmv 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AG00175_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105250.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR6F.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_close_down_BIDI.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\MS.EPS 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\NavigationRight_ButtonGraphic.png 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\Certificates\groove.net\Components\SignedComponents.cer 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\requests\browse.json 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\NavigationLeft_ButtonGraphic.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGREPFRM.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\css\calendar.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOInstaller.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0238959.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0239997.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\IA2Marshal.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libaraw_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\EQUATION\EQNEDT32.HLP 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4_classic_win7.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsHomePageScript.js 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\css\flyout.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Ho_Chi_Minh 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD00090_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0285484.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGMN044.XML 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft SQL Server Compact Edition\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\PST8PDT 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105502.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libscene_plugin.dll 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Groove.en-us\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\nio.dll 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\locale\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4-dark_mac.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-lib-profiler-charts_zh_CN.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\7.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\WEBPAGE.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access_output\libaccess_output_srt_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libg711_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-keyring-impl_zh_CN.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BS00224_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0287024.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH03041I.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\StaticText.jpg 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\MSTTSLoc.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\calendar.html 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MSOSTYLE.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\liblibbluray_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\ms.pak 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-multiview_ja.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-uihandler_zh_CN.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14868_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\ENVELOPR.DLL.IDX_DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\bg_Premium.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01066_.WMF 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\he\LC_MESSAGES\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\api-ms-win-crt-multibyte-l1-1-0.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\it-IT\tipresx.dll.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Proofing.en-us\Proofing.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\jawt.lib 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-api-caching.xml 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Analysis Services\AS OLEDB\10\Cartridges\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdate.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ar\LC_MESSAGES\vlc.mo 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\tr.pak 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\stopNetworkServer.bat 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Merida 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\com.jrockit.mc.rjmx.service.exsd 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02417_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0233070.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105530.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02405_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE00555_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\MSB1XTOR.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\VideoWall\203x8subpicture.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Internet Explorer\en-US\jsdbgui.dll.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Athens 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-heapwalker_ja.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE02267_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02845G.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00783_.WMF 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Library\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\en-US\enu-dsk\M1033DSK.APL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_windy.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\AcroForm\PMP\DataMatrix.pmp 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_fr.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\NavigationLeft_ButtonGraphic.png 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\lib\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\WB02055_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Origin.thmx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\BZCARDHM.POC 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.security.ui_1.1.200.v20130626-2037.jar 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\lv-LV\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\jp2launcher.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10299_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\WINWORD_COL.HXC 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\hy\LC_MESSAGES\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\base-undocked-3.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\sv.pak 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_left_hover.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Indiana\Winamac 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\locale\boot_zh_CN.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\OutofSyncIconImages.jpg 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\BIZFORM.DPV 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\PresentationFramework.Luna.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OUTLRPC.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\sl.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages_de.properties 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Hardcover.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Bibliography\Sort\TITLE.XSL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\SCDRESPS.ICO 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\BrightOrange\background.gif 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Sync Framework\v1.0\Documentation\1033\License Agreements\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\WWLIB.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\EXPEDITN\EXPEDITN.ELM 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Internet Explorer\Timeline_is.dll 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.rcp_4.4.0.v20141007-2301\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN04323_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsViewFrame.html 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi422_yuy2_sse2_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\journal.dll 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\VBA\VBA7\1033\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\server\Xusage.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-options-api.xml 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\STS2\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\J0115836.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.garbagecollector_1.0.200.v20131115-1210.jar 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\Welcome Tool\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PPCORE.DLL 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\release 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152594.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0299171.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Mail\wabimp.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\en-US\msdasqlr.dll.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-profiling.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH02155_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\attention.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\rtf_justify.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_lv.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\RECALL.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\mk\LC_MESSAGES\vlc.mo 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\mux\libmux_wav_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\dtplugin\npdeployJava1.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT+3 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Kuala_Lumpur 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\UCT 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152708.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\msolap100.dll 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\da\LC_MESSAGES\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\lv\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Data.Services.Design.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\FREN\WT61FR.LEX 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\sound.properties 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Couture.thmx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MOR6INT.REST.IDX_DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\SLERROR.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\PAPYRUS\PAPYRUS.INF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4_default_gtk.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107314.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\DataServices\+NewSQLServerConnection.odc 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waning-gibbous_partly-cloudy.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\LTHD11.POC 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Legal\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\cloud_Thumbnail.bmp 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\travel.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.preferences_3.5.200.v20140224-1527.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ach\LC_MESSAGES\vlc.mo 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\bn\LC_MESSAGES\vlc.mo 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\Certificates\Verisign\Components\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_corner_top_left.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Ho_Chi_Minh 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\feature.properties 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\fr\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACEREP.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\photoedge_selectionsubpicture.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\images\glass_lrg.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\base_kor.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT+7 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\oracle.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-host-views.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Hardcover.eftx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\History.txt 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office32.WW\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-awt.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02749U.BMP 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\es.pak 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\background.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-3 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\XLINTL32.DLL.IDX_DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\stop_collection_data.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe\Updater6\AdobeUpdate.cer 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Americana.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\keystore\libfile_keystore_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\button_right_mouseout.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.win32.nl_zh_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\org-netbeans-lib-profiler.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\BCSClient.Msg.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\POSTL.ICO 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\psuser_64.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\MountPop.aiff 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\CMap\Identity-H 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Ulaanbaatar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00530_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0292020.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Solutions\gradient.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\WSS\107.accdt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\js\picturePuzzle.js 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_left_rest.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\DW\DW20.EXE 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\msadc\msadcfr.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14795_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGMN054.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\trad_m.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libtimecode_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\Ole DB\sqlxmlx.rll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.diagnostic.ja_5.5.0.165303.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.osgi.compatibility.state.nl_ja_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Analysis Services\AS OLEDB\10\Resources\1033\msmdsrv.rll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Desert\TAB_OFF.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\pt-BR.pak 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Media Player\en-US\WMPMediaSharing.dll.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\gadget.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Indian\Maldives 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.metadata.nl_zh_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18196_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\36.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\8.0\x86\VSTARemotingServer.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT-5 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02862_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\WEBHED98.POC 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\en-US\wmlaunch.exe.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE00531_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00333_.WMF 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\System\ado\en-US\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\LAYERS\PREVIEW.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\management\snmp.acl.template 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-coredump_ja.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0197983.WMF 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\bin\dtplugin\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\management\jmxremote.access 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-swing-outline_zh_CN.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\calendars.properties 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR38F.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.jobs_3.6.0.v20140424-0053.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\FLYER11.POC 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\playlist\cue.luac 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MEDIA\CASHREG.WAV 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PROOF\MSSP7ES.dub 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\PresentationFramework.Royale.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsMainToScenesBackground_PAL.wmv 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Analysis Services\AS OLEDB\10\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00247_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01170_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Perspective.thmx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libswscale_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\Attachments.jpg 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libgrain_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-waning-gibbous_partly-cloudy.png 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\SoftBlue\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGWEBBTN.DPV 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\UIAutomationClientsideProviders.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\CONCRETE\CONCRETE.INF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-awt.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Port_of_Spain 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSOUC_F_COL.HXK 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME06.CSS 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\COPYRIGHT 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\EAWFINTL.DLL 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\ko.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\STUDIO\STUDIO.ELM 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-coredump_zh_CN.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\SCDRESNS.ICO 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Microsoft.Office.Interop.InfoPath.Xml.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MSPUB.TLB 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libsdp_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waning-gibbous.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\DEEPBLUE\PREVIEW.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\fontconfig.bfc 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\SETLANG_COL.HXC 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\CONFLICT.ICO 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\INFOML.ICO 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libcolorthres_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipscht.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Dublin 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-applemenu.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD02116_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00656_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libtwolame_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\en-US\settings.html 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Google\Chrome\Application\SetupMetrics\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\ENFR\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ui.nl_ja_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Choibalsan 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CONVERT\ORG97.SAM 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\dependentlibs.list 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_th.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VBA\VBA7\1033\VBCN6.CHM 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\javafx-font.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Tbilisi 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02252_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\services_discovery\libpodcast_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\HostSideAdapters\Microsoft.VisualStudio.Tools.Office.Word.HostAdapter.v10.0.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\OneNote.en-us\SETUP.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Full\dotsdarkoverlay.png 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\bin\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\EST 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\bNext-disable.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.css.swt_0.11.101.v20140818-1343.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\SECRECS.ICO 403a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\en-US\js\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\VVIEWRES.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_single_bkg.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Internet Explorer\en-US\ieinstal.exe.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\resources.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0102594.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\misc\liblogger_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\THANKS.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_gray_cloudy.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\Keywords.HxK 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Mozilla Maintenance Service\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ru-RU\tipresx.dll.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\PreviousMenuButtonIcon.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Internet Explorer\pdmproxy100.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Indiana\Marengo 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\META-INF\MANIFEST.MF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\babypink.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\security\cacerts 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00525_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\keytool.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher_1.3.0.v20140415-2008.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01474_.WMF 403a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\en-US\js\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\novelty_settings.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\msadc\msadds.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\Sounds\Things\CAN.WAV 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\SPANISH.LNG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\buttonUp_On.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\NOTE.CFG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\Northwind.accdt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\fur\LC_MESSAGES\vlc.mo 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\blackbars80.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-loaders.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02617_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18212_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR24F.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libcrystalhd_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\button_left_mouseover.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152560.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14870_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MAPISHELL.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\oskmenu.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipsen.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Web Folders\MSOSV.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\t2k.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT-6 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\sl.pak 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\BlackTieNewsletter.dotx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_output\libdirect3d9_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\MSBuild\Microsoft\Windows Workflow Foundation\v3.5\Workflow.VisualBasic.Targets 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\La_Paz 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSTORE_COL.HXT 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\NL7MODELS0009.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\LETTHEAD.DPV 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\AdjacencyReport.dotx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\services_discovery\libmicrodns_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\Resource.zip 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\RMNSQUE\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\photograph.png 403a1s0ssssd7da.exe File created C:\Program Files\Java\jre7\lib\jfr\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME37.CSS 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MSCOL11.INF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\VSTA\Bin\VSTAClientPkg.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Executive.eftx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\STS2\TAB_OFF.GIF 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\SAMPLES\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipschs.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Rankin_Inlet 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Pyongyang 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.sun.el_2.2.0.v201303151357.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Essential.thmx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\requests\browse.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\InkObj.dll.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACEEXCL.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\jpeg.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_zh_4.4.0.v20140623020002\eclipse_update_120.jpg 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\liblibass_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Core.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\classlist 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BD00116_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR4B.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\BabyBlue.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libtta_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\OriginResume.Dotx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\dt_socket.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD14997_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSPUB.DEV_K_COL.HXK 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsHomePage.html 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Green Bubbles.htm 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\npvlc.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\SplashScreen.zip 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\44.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Psychedelic.jpg 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Push\NavigationLeft_ButtonGraphic.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-tools_ja.jar 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\GrayCheck\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\INTLDATE.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107266.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\BORDERS\MSART12.BDR 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\ENVELOPE.DPV 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Cartridges\as80.xsl 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\redStateIcon.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-2 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.expressions_3.4.600.v20140128-0851.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0195320.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PROOF\MSTH7FR.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libdxva2_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\license.html 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\update_tracking\org-netbeans-modules-profiler.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH00601G.GIF 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\lua\intf\modules\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libsubtitle_plugin.dll 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\oskpred\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Boise 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-applemenu_ja.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\GrayCheck\TAB_OFF.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.databinding.property_1.4.200.v20140214-0004.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Tirane 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN00015_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\bg_Casual.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\TEXTVIEW.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Lime\TAB_ON.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\keytool.exe 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\configuration\org.eclipse.equinox.simpleconfigurator\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Aqtau 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01357_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE01191_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0144773.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\GIFIMP32.FLT 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Roses.jpg 403a1s0ssssd7da.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\NavigationRight_ButtonGraphic.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Juneau 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.databinding.beans_1.2.200.v20140214-0004.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21301_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME01.CSS 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\fa\LC_MESSAGES\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\120DPI\(120DPI)alertIcon.png 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01293_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\mset7fr.kic 403a1s0ssssd7da.exe File opened for modification C:\Program Files\BackupWatch.xps 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\hu-HU\tipresx.dll.mui 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.rcp.feature_1.2.0.v20140523-0116\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jface.text_3.9.1.v20140827-1810.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_single_bkg_orange.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\8.0\x86\vsta_ep32.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-application_ja.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD00687_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105396.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Elemental.eftx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0195812.WMF 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsTemplates\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\WidevineCdm\_platform_specific\win_x64\widevinecdm.dll.sig 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\orbd.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Moscow 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00416_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02439_.WMF 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\zh-CN\tipresx.dll.mui 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14752_.GIF 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\lua\meta\reader\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\MSTTSCommon.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Journal\Templates\Seyes.jtp 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\en-US\WMPSideShowGadget.exe.mui 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Help\1036\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\CANYON\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.browser.jdp.ja_5.5.0.165303.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099196.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL065.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\Part\Contacts.accdt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\pdfshell.dll 403a1s0ssssd7da.exe File created C:\Program Files (x86)\WindowsPowerShell\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\elevation_service.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\NavigationUp_ButtonGraphic.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\java-rmi.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\macroprogress.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libavi_plugin.dll 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-12 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Atlantic\South_Georgia 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH01931J.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\Gadget_WMC_LogoText.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18206_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\SlateBlue.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\zh-TW.pak 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Volgograd 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.touchpoint.eclipse.nl_ja_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0164153.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\MP00132_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH01239K.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\.eclipseproduct 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\sunmscapi.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Data.Entity.Design.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\vdk150.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Internet Explorer\en-US\eula.rtf 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libimage_plugin.dll 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Web Server Extensions\14\BIN\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\sqlxmlx.rll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\jfr\profile.jfc 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.common_2.10.1.v20140901-1043\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD00086_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\bg_FormsHomePage.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OIMG.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libsftp_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\msadcfr.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\drag.png 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\hr-HR\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\CANYON\PREVIEW.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\Ole DB\sqloledb.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0211949.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\rtf_underline.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_gray_few-showers.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\zh-phonetic.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\GRIP.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\bg_Country.gif 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\notConnectedStateIcon.png 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\flower_trans_MATTE_PAL.wmv 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\Memories_buttonClear.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Shanghai 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsTemplates\Status Report.fdt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\hu\LC_MESSAGES\vlc.mo 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\Media Renderer\RenderingControl.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\css\settings.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\settings.html 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\STUDIO\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-applemenu.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0185842.WMF 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_mlp_plugin.dll 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\lib\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\README.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SUMER_01.MID 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\en-US\js\cpu.js 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\43.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1033\ACERECR.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Smart Tag\SmartTagInstall.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD21323_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\BriefcaseIcon.jpg 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Google\Update\Download\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\MSInfo\msinfo32.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\PROFILE\THMBNAIL.PNG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Port-au-Prince 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD21548_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBCONV.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\VBAJET32.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.help_2.0.102.v20141007-2301\epl-v10.html 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\bn_IN\LC_MESSAGES\vlc.mo 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\mpvis.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\8.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0299587.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolIcons\messageboxalert.ico 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\gl\LC_MESSAGES\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\SUMIPNTG\SUMIPNTG.ELM 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Full\15x15dot.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.net.win32.x86_64.nl_ja_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BS00076_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0153087.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\ExpenseReport.xltx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_corner_bottom_right.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\BIBUtils.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\lv.pak 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Internet Explorer\pdmproxy100.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_highlights_Thumbnail.bmp 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-awt_ja.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\ProjectTool\Project Report Type\Fancy\Hierarchy.js 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\meta_engine\libtaglib_plugin.dll 403a1s0ssssd7da.exe File created C:\Program Files\WindowsPowerShell\Configuration\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Internet Explorer\iedvtool.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\tpcps.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE02120_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\SoftBlue\background.gif 403a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\en-US\css\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\flower_h.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\wab32.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\chrome_100_percent.pak 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\css\picturePuzzle.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-favorites_ja.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099202.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Slate.css 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\te\LC_MESSAGES\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\icon.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\zh_TW\LC_MESSAGES\vlc.mo 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\en-US\msadcor.dll.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\novelty_m.png 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\IRIS\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\jsse.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Lisbon 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\EXCEL_COL.HXT 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\mux\libmux_ps_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Internet Explorer\jsprofilerui.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.metadata_2.2.0.v20131211-1531.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Africa\Khartoum 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Nauru 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN02122_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02431_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.core.di.extensions_0.12.0.v20140417-2033.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\VIEW.ICO 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\drag.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_few-showers.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Smart Tag\METCONV.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libmpgv_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\en-US\js\settings.js 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_box_top.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Media Player\en-US\WMPDMCCore.dll.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\ENFR\MSB1ENFR.ITS 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CONVERT\OL.SAM 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\BloodPressureTracker.xltx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Defender\MpRTP.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\divider-horizontal.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\NavigationUp_SelectionSubpicture.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\ModuleAutoDeps\org-netbeans-modules-options-api.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01168_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02412K.JPG 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\pt_PT\LC_MESSAGES\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0151061.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MSOHTMED.EXE 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\AdobePiStd.otf 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\EQUATION\1033\EEINTL.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00452_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\gui\libqt_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.jsp.jasper.registry_1.0.300.v20130327-1442.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0106222.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OUTLFLTR.DAT 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\29.png 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\AccessWeb\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\POWERPNT_F_COL.HXK 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\XLCPRTID.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Puerto_Rico 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui_5.5.0.165303.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-core.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Grid.eftx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15061_.GIF 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\be\LC_MESSAGES\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\PresentationFramework.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\FLYER.DPV 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\ar\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\month.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\micaut.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0090390.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00683_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\DBGHELP.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MSOHEV.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_zh_4.4.0.v20140623020002\about.html 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\buttonDown_Off.png 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\fr\LC_MESSAGES\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyMainToScenesBackground.wmv 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\verify.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN04355_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUB6INTL.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\Shared16x16ImagesMask.bmp 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD00435_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\SIGNS.ICO 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Lime\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\validation.js 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\STRTEDGE\THMBNAIL.PNG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR49B.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\kk\LC_MESSAGES\vlc.mo 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\playlist\vimeo.luac 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\en-US\gadget.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\notification_plugin.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\org-netbeans-modules-profiler-heapwalker.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0195772.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Data.Entity.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\sq\LC_MESSAGES\vlc.mo 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Training.potx 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\master_preferences 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_gray_hail.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\passportcover.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Perspective.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\ELPHRG01.WAV 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\REPORTL.ICO 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\CURRENCY.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\auxpad.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\wab32res.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.commands_5.5.0.165303.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\STRTEDGE\STRTEDGE.ELM 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15133_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\en-US\InkObj.dll.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\logo.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_box_divider_right.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\hwrenclm.dat 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\license.html 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.common_2.10.1.v20140901-1043\feature.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Tashkent 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.common_2.10.1.v20140901-1043\META-INF\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BD19827_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\INFOMS.ICO 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\mai\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\js\slideShow.js 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\security\US_export_policy.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0101860.BMP 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0382954.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GRINTL32.REST.IDX_DLL 403a1s0ssssd7da.exe File created C:\Program Files\Windows Media Player\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files\WindowsPowerShell\Configuration\Schema\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\3.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Hebron 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01169_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\TASKDECL.ICO 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\TWLAY32.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_yuy2_mmx_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\SketchPadTestSchema.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1033\ALRTINTL.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jetty.servlet_8.1.14.v20131031.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Brunei 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN04117_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OISGRAPH.DLL 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.console_5.5.0.165303\feature.properties 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01745_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\ApothecaryLetter.dotx 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\pt_BR\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01701_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Peacock.jpg 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\square.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Internet Explorer\SIGNUP\install.ins 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Danmarkshavn 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-13 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Damascus 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\release 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\WITHCOMP.DPV 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\osclientcerts.dll 403a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\js\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Filters\msgfilt.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Nairobi 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT-14 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02439_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH01247U.BMP 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\Contracts\Microsoft.VisualStudio.Tools.Applications.Contract.v9.0.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\combo-hover-middle.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-execution_ja.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0237228.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\WB02106_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Bibliography\Style\GB.XSL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\TASKL.ICO 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Chisinau 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.historicaldata_5.5.0.165303.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Budapest 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01843_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\THIRDPARTYLICENSEREADME-JAVAFX.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0341475.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00057_.WMF 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\bs\LC_MESSAGES\vlc.mo 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\bn\LC_MESSAGES\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\brt32.clx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\shadowonlyframe_videoinset.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.ja_5.5.0.165303.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\IN00343_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01330_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBBA\MSPUB5A.BDR 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099197.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\CommsIncomingImageMaskSmall.bmp 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office.en-us\promointl.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\COPYRIGHT 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Kentucky\Monticello 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.swt.win32.win32.x86_64.nl_ja_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AG00011_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0213449.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\rtf_bullets.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\id\LC_MESSAGES\vlc.mo 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_gray_thunderstorm.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Groove.en-us\GrooveMUI.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\about.html 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\OMSSMS.CFG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\VVIEWDWG.DLL 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\oc\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBBA\MSPUB8.BDR 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\FLYERHM.POC 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\images\back.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\NavigationRight_ButtonGraphic.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-options-keymap.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-utilities_zh_CN.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ACCWIZ\UTILITY.ACCDA 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\slideShow.html 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0199423.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0341557.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Module.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR35F.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\button_play.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\prev_hov.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\logging.properties 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Antarctica\Rothera 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00068_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0293240.WMF 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\meta\art\00_musicbrainz.luac 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_box_divider_left.png 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\VBA\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0090027.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0309567.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00932_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR40F.GIF 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office.en-us\PSS10O.CHM 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0239943.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0382966.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\VIEW.JS 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL107.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\ConvertFromDisable.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0205462.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\en-US\css\currency.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Photo Viewer\en-US\PhotoViewer.dll.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\0.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Wrinkled_Paper.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\bg_TexturedBlue.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\firefox.exe.sig 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\sbdrop.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\button-overlay.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Tongatapu 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0103850.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\precomplete 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Africa\Monrovia 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0232797.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\rtf_choosefont.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\PROOF\MSWDS_EN.LEX 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_widescreen_Thumbnail.bmp 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.core.feature_1.3.0.v20140523-0116\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\win7.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\orb.idl 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\prev_rest.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\et.pak 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Internet Explorer\jsdbgui.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\jfr\default.jfc 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0187861.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02265_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\CONTACTINFOBB.DPV 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipsfin.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyNotesBackground.wmv 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Antigua 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\AUTOSHAP.DLL 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\reviews_super.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.rcp.feature_1.2.0.v20140523-0116\META-INF\ECLIPSE_.RSA 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx.ui.zh_CN_5.5.0.165303.jar 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0086428.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\RPLBRF35.CHM 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\SUBMIT.JS 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\Part\Users.accdt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\d3d11\libdirect3d11_filters_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\mlib_image.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02453_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01842_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Pushpin.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GROOVE_COL.HXT 403a1s0ssssd7da.exe File created C:\Program Files (x86)\WindowsPowerShell\Modules\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\javafx-mx.jar 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\plugins\audio_output\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\VDK10.CMP 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\Contracts\Microsoft.VisualStudio.Tools.Applications.Contract.v10.0.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\about.html 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0382948.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\STSLIST.CHM 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Journal\Templates\Dotted_Line.jtp 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Atlantic\Cape_Verde 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Majuro 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\button_left.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\playlist\appletrailers.luac 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Lime.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\WPGIMP32.FLT 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Pitcairn 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BS00092_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0217302.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0281243.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGWEBREF.XML 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\id\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\css\settings.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\af.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Atlantic\Madeira 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsViewAttachmentIcons.jpg 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\button_left_over.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSAIN.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\vlm.html 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\3082\hxdsui.dll 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\BOLDSTRI\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\uk-UA\tipresx.dll.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Kaliningrad 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Santarem 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0153518.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.ServiceModel.Web.dll 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Resources\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Filters\offfiltx.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\NavigationRight_ButtonGraphic.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\720_480shadow.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Chita 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\gadget.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\VideoWall\videowall.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.swt.win32.win32.x86_64.nl_zh_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE02280_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\Sounds\Things\WHOOSH.WAV 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\kaa.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\SUMIPNTG\SUMIPNTG.INF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\RIPPLE\RIPPLE.ELM 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\update_tracking\org-netbeans-modules-profiler-snaptracer.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\dialogs\browse_window.html 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\system_h.png 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\META-INF\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\lib\jfluid-server.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE02270_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.CO.NZ.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ja-JP\tipresx.dll.mui 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\WATERMAR\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.lucene.core_3.5.0.v20120725-1805.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Maroon.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.commands.nl_zh_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0279644.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsViewAttachmentIcons.jpg 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.HK.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MSOHEV.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CONTAB32.DLL 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\Smart Tag\LISTS\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\COMPASS\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.components.ui.ja_5.5.0.165303.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0341742.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\URBAN_01.MID 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01151_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00768_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\Interface.zip 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\images\back.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-waning-gibbous_partly-cloudy.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\sd\jamendo.luac 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\liberase_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_ring_docked.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Scoresbysund 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.flightrecorder_5.5.0.165303.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD01191_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSPUB.HXS 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\cryptocme2.sig 403a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\7z.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\EDGE\THMBNAIL.PNG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_zh_4.4.0.v20140623020002\epl-v10.html 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-swing-outline.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\MEIPreload\manifest.json 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Defender\MpCmdRun.exe 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\Adobe\Acrobat\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\MakeAccessible.api 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Title_Trans_Scene_PAL.wmv 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\OliveGreen.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\DataListIconImages.jpg 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\AddToViewArrowMask.bmp 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\xul.dll.sig 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\37.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\passport_mask_left.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-text_zh_CN.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Kentucky\Louisville 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107328.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0157191.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21434_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\Discussion14.gta 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR9F.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\ps.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-api-caching.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\THIRDPARTYLICENSEREADME-JAVAFX.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01356_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02398_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\TexturedBlue.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PROOF\MSHY7EN.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\10.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-swing-tabcontrol_ja.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR15F.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGMN109.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0177806.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0185818.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolIcons\WSS_DocLib.ico 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\icon.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02261_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsBlankPage.html 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\SpringGreen\TAB_ON.GIF 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\sk-SK\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Argentina\Ushuaia 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107026.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152696.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0187829.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\Faculty.accdt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Photo Viewer\ImagingDevices.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01470_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SL00260_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSACCESS.DEV_COL.HXT 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE.MANIFEST 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft.NET\Primary Interop Assemblies\adodb.dll 403a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\row_over.png 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Guadalcanal 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\ModuleAutoDeps\org-netbeans-modules-queries.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Australia\Lord_Howe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN01084_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\Computers\computericon.jpg 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01631_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0103812.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH01236U.BMP 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\FlickAnimation.avi 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\ECHO\THMBNAIL.PNG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\javacpl.cpl 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Montreal 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Fakaofo 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\35.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Composite.eftx 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\bg\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-icons_ffd27a_256x240.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libblend_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\SettingsInternal.zip 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\VPREVIEW.EXE 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_blue_sun.png 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\DW\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Makassar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\epl-v10.html 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\Shared24x24Images.jpg 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGACCBOX.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\Form.zip 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\META-INF\eclipse.inf 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-attach_ja.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Copenhagen 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0237225.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\WB02074_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.rcp.ja_5.5.0.165303\feature.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\feature.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0233665.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Solstice.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\sqloledb.rll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libhttps_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Circle_VideoInset.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\15x15dot.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_postage_Thumbnail.bmp 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0232803.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\FormsFormTemplateRTL.html 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\ga\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Updater.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT-4 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\bg_SlateBlue.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\LightSpirit.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\InfoPathWelcomeImage.jpg 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\deploy\messages_ko.properties 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\XML2WORD.XSL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libuleaddvaudio_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\en-US\enu-dsk\M1033DSK.UNT 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\background.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\high-contrast.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD21330_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\GrayCheck.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\images\Video-48.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\VSTA\Bin\VSTAProject.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.css.swt.theme.nl_zh_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-utilities_ja.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME43.CSS 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\39.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\EmptyDatabase.zip 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02426_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\SHARING.CFG 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Sync Framework\v1.0\Runtime\x64\resources\1033\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\dblook.bat 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\com.jrockit.mc.rjmx.metadataprovider.exsd 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\update_tracking\org-netbeans-lib-profiler.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107130.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0196060.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0153089.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\BORDERS\MSART5.BDR 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\SoftBlue\TAB_OFF.GIF 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\BREEZE\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\16to9Squareframe_SelectionSubpicture.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Phoenix 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.flightrecorder.controlpanel.ui.ja_5.5.0.165303.jar 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Analysis Services\AS OLEDB\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\AcroSign.prc 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Slate.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\ORIG98.POC 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\gmp-clearkey\0.1\clearkey.dll.sig 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libcanvas_plugin.dll 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\VSTA\8.0\x86\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME41.CSS 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR25F.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\CourierStd-Oblique.otf 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\META-INF\eclipse.inf 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14513_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PROOF\MSGR3EN.LEX 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099170.WMF 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\1033\DataServices\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\Network Sharing\wmpnss_color48.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_box_left.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\34.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\msdatt.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.commons.codec_1.6.0.v201305230611.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0216612.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE 403a1s0ssssd7da.exe File created C:\Program Files\Mozilla Firefox\defaults\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\AUTHORS.txt 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\km\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Windows.Presentation.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\js\calendar.js 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_travel_Thumbnail.bmp 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\npt.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00525_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD00121_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00458_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\42.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\js\settings.js 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\144DPI\(144DPI)grayStateIcon.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\logsession.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\Ushuaia 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME53.CSS 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR2B.GIF 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\tr\LC_MESSAGES\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\win\CP1250.TXT 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_gray_rainy.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft.NET\Primary Interop Assemblies\stdole.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\update_tracking\org-netbeans-modules-profiler-oql.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Trek.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\AIR98.POC 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Data.DataSetExtensions.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.DirectoryServices.AccountManagement.dll 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\bn\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\misc\libaudioscrobbler_plugin.dll 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Mozilla Maintenance Service\logs\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0198234.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01141_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Oasis.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\POWERPNT.DEV_COL.HXT 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PROOF\MSGR3ES.LEX 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\en-US\currency.html 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Dili 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-core-multitabs.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-core-kit_ja.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR32B.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Maroon.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_frame-imageMask.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\Passport_PAL.wmv 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107482.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0187647.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\SPACER.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\TASKDECS.ICO 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\LINEACT.POC 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_search_down_BIDI.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\mshwLatin.dll.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\COMPASS\THMBNAIL.PNG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Accra 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0101862.BMP 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Bibliography\Style\GostName.XSL 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\UKRAINE.TXT 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\java-rmi.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.help.ui.nl_zh_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File created C:\Program Files\Java\jre7\bin\server\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\bg_SlateBlue.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\spu\librss_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_single_orange.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\include\jdwpTransport.h 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\j2pcsc.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\fonts\LucidaSansDemiBold.ttf 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE00737_.WMF 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\my\LC_MESSAGES\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveDocumentReview\ActiveTabImage.jpg 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\splashscreen.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AG00165_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0341653.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0382968.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02125_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\OCEAN_01.MID 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Desert\TAB_ON.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\WORDIRM.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\33.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\JNGLE_01.MID 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02009_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\NUMERIC.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipsesp.xml 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\ECLIPSE\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_performance_Thumbnail.bmp 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\rmid.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Kiritimati 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\TR00097_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR3F.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGCHKBRD.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0287019.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\Welcome Tool\IconImages.jpg 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL089.XML 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Word.en-us\WordMUI.XML 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\System\MSMAPI\1033\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DisableBlock.m1v 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\square_dot.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\vlm_export.html 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Internet Explorer\en-US\jsprofilerui.dll.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\gadget.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\CAPSULES\THMBNAIL.PNG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Internet Explorer\ie9props.propdesc 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0145168.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Technic.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21482_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\MAPISHELLR.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BD00160_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE00231_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GRLEX.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSOUC_COL.HXT 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\QuestionIcon.jpg 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\7.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\lv.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0234266.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\control\liboldrc_plugin.dll 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\AcroForm\PMP\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\usa37.hyp 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\fxplugins.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\ACTIVITL.ICO 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Oasis\HEADER.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.IE.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\control\libdummy_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO01777_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02413_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSO.ACL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Proof.fr\Proof.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\INDUST\THMBNAIL.PNG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Africa\Johannesburg 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE00720_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH03380I.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\SCDREQL.ICO 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\Assets.accdt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_output\libamem_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\4.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\bg-dock.png 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\SLATE\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14985_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BULLETS.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\HEADINGBB.POC 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\uninstall\shortcuts_log.ini 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_divider_right.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Miquelon 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.css.core_0.10.100.v20140424-2042.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO01905_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD14711_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\AlertImage_FileOff.jpg 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPCEXT.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Notes_INTRO_BG.wmv 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\fonts\LucidaBrightItalic.ttf 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\bg_VelvetRose.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_blue_windy.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD00306_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0153093.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-new_partly-cloudy.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Guayaquil 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-core-output2.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Argentina\Buenos_Aires 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PARNT_08.MID 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15057_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\SSGEN.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Indian\Kerguelen 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01171_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107262.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PARNT_09.MID 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL020.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.frameworkadmin_2.0.100.v20131209-2144.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-spi-actions.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_ko.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\SCDRESTL.ICO 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolIcons\ONLINE.ICO 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MEDIA\DRUMROLL.WAV 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\Ole DB\msdasql.dll 403a1s0ssssd7da.exe File created C:\Program Files\Java\jre7\lib\zi\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01240_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\BrightYellow.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR34F.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\en-US\css\cpu.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\PASSWORD.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.rcp.product_5.5.0.165303\feature.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\rmiregistry.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Africa\Ndjamena 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0090783.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Slipstream.eftx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BlackRectangle.bmp 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0390072.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\powerpnt.exe.manifest 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\Issues.accdt 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\hr\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\Certificates\Verisign\Components\VeriSign_Class_3_Public_Primary_CA.cer 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolIcons\MANUAL.ICO 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\ado\msado21.tlb 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench_1.2.1.v20140901-1244.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Analysis Services\AS OLEDB\10\Cartridges\sql90.xsl 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BABY_01.MID 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\TN00231_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\SMSS.ICO 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\d3dcompiler_47.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\36.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OneNote\SendToOneNoteNames.gpd 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\meta\art\01_googleimage.luac 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Stationery\1033\PINELUMB.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libfaad_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152610.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0309664.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Equity.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR1B.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\AccessWeb\CLNTWRAP.HTM 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\SUMIPNTG\PREVIEW.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\bookbig.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-autoupdate-services.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Verve.eftx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GRAPH_COL.HXT 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Photo Viewer\en-US\PhotoViewer.dll.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.docs_5.5.0.165303.jar 403a1s0ssssd7da.exe File created C:\Program Files\Java\jre7\lib\zi\Etc\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0090779.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099167.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\Projects.accdt 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-selector-ui_zh_CN.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Chihuahua 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01180_.WMF 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\pl\LC_MESSAGES\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0298653.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\api-ms-win-core-processthreads-l1-1-1.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\ARFR\MSB1ARFR.ITS 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\icons\hprof-16.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.w3c.css.sac_1.3.1.v200903091627.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\security\java.security 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BD19828_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\setting_back.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10263_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_standard_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\liboldmovie_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\Network Sharing\wmpnss_bw32.bmp 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\base-docked.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\brx\LC_MESSAGES\vlc.mo 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\PFM\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Multimedia.api 403a1s0ssssd7da.exe File created C:\Program Files\Java\jre7\lib\fonts\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\OUTLOOK.DEV.HXS 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CONVERT\OLMAIL.FAE 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\tet\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\api-ms-win-crt-filesystem-l1-1-0.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\en-US\css\localizedSettings.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\SETLANG_K_COL.HXK 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_right_rest.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\Media Renderer\DMR_120.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\PAPYRUS\PAPYRUS.ELM 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\triggerActionExceptionHandlers.exsd 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MIMEDIR.DLL 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\PICTIM32.FLT 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Efate 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\WEBCALSO.POC 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_corner_top_left.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\ResolveCompare.temp 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\PublicAssemblies\Microsoft.VisualStudio.Tools.Applications.AddInManager.dll 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\SPRING\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02466U.BMP 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\SIGN.CFG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\en_GB\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rcp.intro_5.5.0.165303.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ONBttnPPT.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\SBCGLOBAL.NET.XML 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\numbers\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.core.nl_ja_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-execution_ja.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0285462.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0222017.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-8 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00916_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGMN103.XML 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\js\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CONVERT\OLNOTE.FAE 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\hprof.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\OIS.HXS 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\LABEL.DPV 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_output\libvdummy_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\et-EE\tipresx.dll.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\feedback.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18230_.WMF 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Google\Chrome\Application\Dictionaries\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\DVDMaker.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Chatham 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\WB02073_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Portal\1033\PortalConnect.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACEEXCH.DLL 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Bibliography\Style\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ACCICONS.EXE 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\Sounds\Places\VIBE.WAV 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_right_hover.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\Mendoza 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE00726_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Oriel.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_duplicate_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-first-quarter.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Indiana\Tell_City 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rcp.intro.ja_5.5.0.165303.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OMSMAIN.DLL 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Templates\1033\FAX\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH01013_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\playlist\jamendo.luac 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\ENU\VDK10.RSD 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\SCDRESTS.ICO 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.CO.KR.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.COM.MX.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\is.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx.ext_5.5.0.165303.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-keyring-impl.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0200611.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\EXCEL_K_COL.HXK 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\delete_over.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGLOGO.DPV 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows NT\TableTextService\TableTextServiceArray.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPWMI.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Full\full.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\RCLRPT.CFG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL044.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\BANNER.XML 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\en-US\css\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Smart Tag\1033\STINTL.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AG00057_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0198016.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSACCESS_COL.HXT 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSOUC_COL.HXC 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\dt.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-multitabs_ja.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0324694.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18238_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_hevc_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\CONTACTL.ICO 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\BIB.dll 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\etc\visualvm.clusters 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\GMT 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD00965_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00837_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\adcjavas.inc 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyrun.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\jfxmedia.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Godthab 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105294.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14833_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\15x15dot.png 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\utilityfunctions.js 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\NL7MODELS000C.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PROOF\MSSP7ES.LEX 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\drag.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\NETWORK\NETWORK.INF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\PIXEL\THMBNAIL.PNG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN04235_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\SoftBlue\TAB_ON.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME02.CSS 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\LETTHEAD.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_filter\librecord_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\klist.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\asl-v20.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Istanbul 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD00397_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\InfoPathOM\Microsoft.Office.Infopath.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CONVERT\1033\OLMAILR.FAE 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\TextConv\WksConv\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\WATER\THMBNAIL.PNG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Internet Explorer\msdbg2.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.net.nl_ja_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\update_tracking\org-netbeans-modules-profiler-api.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libt140_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\Tulip.jpg 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\alertIcon.png 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\es-ES\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-settings_ja.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-host-views_zh_CN.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD21305_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\CONTACTS.ICO 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Internet Explorer\SIGNUP\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MEDCAT.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MLCFG32.CPL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libsid_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\ICU\icudt26l.dat 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\WidevineCdm\_platform_specific\win_x64\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\btn-back-static.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH00602_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ONBttnOL.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\application.ini 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00512_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18219_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Teal.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\web.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Antarctica\Mawson 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\update_tracking\org-netbeans-modules-profiler-heapwalker.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\deploy\messages_fr.properties 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107446.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\cs\LC_MESSAGES\vlc.mo 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_output\libafile_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\LoginForm.zip 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\msadc\en-US\msaddsr.dll.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD00336_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\VIEW.ICO 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\cronometer.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_double_orange.png 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\JOURNAL\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\xjc.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-api_zh_CN.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SY01491_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Bibliography\Style\TURABIAN.XSL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Library\EUROTOOL.XLAM 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\css\mobile.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\trad_settings.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACEXBE.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-jvm_ja.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Magadan 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\BCSProxy.dll 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\DocumentShare\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\nl.pak 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORM.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked-loading.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\menu_style_default_Thumbnail.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.frameworkadmin.equinox.nl_zh_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\winClassicTSFrame.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0300520.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\J0115841.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\NotifierCloseButton.jpg 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\diner_dot.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\CASCADE\CASCADE.ELM 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\dt_shmem.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Australia\Brisbane 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107484.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21314_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0187895.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10253_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Solutions\Main.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\ReviewRouting_Init.xsn 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\Part\1 Right.accdt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-snaptracer_ja.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02448_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0234657.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\curl-hot.png 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\System\msadc\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\update_tracking\org-netbeans-modules-profiler-selector-api.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Jayapura 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Civic.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OCRVC.DAT 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\intf\telnet.luac 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\TitleButtonIcon.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Rainy_River 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\XPAGE3C.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libts_plugin.dll 403a1s0ssssd7da.exe File created C:\Program Files\Windows NT\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\NotifierBackground.jpg 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\NavigationUp_SelectionSubpicture.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.director.nl_ja_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE02296_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SL00452_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10336_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\org-netbeans-lib-profiler-charts.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Qyzylorda 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\EXPTOOWS.XLA 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR21F.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Media Player\Media Renderer\DMR_48.jpg 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Journal\jnwppr.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\correct.avi 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-core-output2.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01838_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL054.XML 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\id\LC_MESSAGES\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\QuickStyles\Elegant.dotx 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\37.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Jakarta 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.ecore_2.10.1.v20140901-1043\META-INF\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.engine_2.3.0.v20140506-1720.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Oriel.thmx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSOUC_K_COL.HXK 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-swing-plaf_zh_CN.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Swirl\TAB_OFF.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\es\LC_MESSAGES\vlc.mo 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\BRCHUR11.POC 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\plugins\control\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\logger\libfile_logger_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-waxing-gibbous_partly-cloudy.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-jvmstat.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR36F.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.views.nl_zh_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\INDST_01.MID 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Slate\TAB_ON.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\modern_h.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\win\CP1258.TXT 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\en-US\oledb32r.dll.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\lt.pak 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\msadc\en-US\msdaremr.dll.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-charts_zh_CN.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\jabswitch.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\ONENOTE\14\Notebook Templates\Notebook03.onepkg 403a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0309480.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\sqlite.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\logo.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\SpeechEngines\Microsoft\TTS20\MSTTSEngine.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\META-INF\eclipse.inf 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02124_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.COM.AR.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Los_Angeles 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.databinding.nl_ja_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolIcons\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\NEWS.DPV 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\buttonDown_On.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD15184_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGBARBLL.DPV 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\SOA.DLL 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Proof.en\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\EXP_XPS.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\OPTINPS.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Detroit 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0313965.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSORES.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.publisher.nl_zh_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GRAPH.HXS 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107182.WMF 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\Tucuman 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.forms_3.6.100.v20140422-1825.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Tijuana 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Wallis 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099191.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\ru.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\TitleButtonSubpicture.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\button_left_over.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\46.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\{AC76BA86-7AD7-1033-7B44-A90000000001}\Setup.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\MSMAPI\1033\MSMAPI32.DLL 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.core\cache\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT-2 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099193.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15136_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Goose_Bay 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Antarctica\Troll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolIcons\messageboxerror.ico 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_te.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\trad_h.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\ado\msader15.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Internet Explorer\en-US\F12Resources.dll.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0295241.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\APPTS.ICO 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\cs\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_gray_cloudy.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\swiftshader\libEGL.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\WhiteDot.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0212957.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\BCSRuntime.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\BCSRuntimeUI.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolIcons\StatusAway.ico 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\GKPowerPoint.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PROOF\MSSP7ES.DLL 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Templates\Presentation Designs\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libgme_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH01065_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15273_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\button_mid.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libcompressor_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099190.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\1033\OFFICE10.MML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14753_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\startNetworkServer 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\klist.exe 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-core-execution.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH00526_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\hint_over.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_right_rest.png 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\lua\playlist\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\21.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Spelling.api 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Anchorage 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD02068_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\rtf_underline.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR51F.GIF 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\cgg\LC_MESSAGES\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE00272_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00166_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD14768_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\base_heb.xml 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\LEVEL\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\NavigationUp_SelectionSubpicture.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Jerusalem 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01069_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Custom.propdesc 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_transcode_plugin.dll 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Microsoft.NET\Primary Interop Assemblies\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Budapest 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Dhaka 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0157995.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.views_3.7.0.v20140408-0703.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\QRYINT32.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL090.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\logo.png 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\fi-FI\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.core.services_1.2.1.v20140808-1251.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-last-quarter.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\ca.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGBORDER.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\az\LC_MESSAGES\vlc.mo 403a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\144DPI\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Paper.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Biscay.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\MSTTSDecWrp.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\bPrev-hot.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\fonts\LucidaTypewriterRegular.ttf 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0400001.PNG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\en-US\wmpnssci.dll.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\WMPMediaSharing.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\INLAUNCH.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Chicago 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107132.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0382969.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libtheora_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\css\settings.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\16_9-frame-background.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\jaas_nt.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0285360.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21297_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\Gadget_Star_Half.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Stationery\1033\TECHTOOL.HTM 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.net.win32.x86_64.nl_zh_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\security\trusted.libraries 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00476_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\Issue Tracking.gta 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR20F.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\ENU\Vdk10.lng 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Xml.Linq.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\greenStateIcon.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\include\jawt.h 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN02559_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BS00453_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libgradfun_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Americana\TAB_ON.GIF 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Reference Assemblies\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\ext\zipfs.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN01044_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0200377.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0185604.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSACCESS.HXS 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\PULLQUOTEBB.POC 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\nn\LC_MESSAGES\vlc.mo 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\CAPSULES\CAPSULES.ELM 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Dot.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Vancouver 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00042_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\OUTLLIBR.REST.IDX_DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-core.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\images\glass.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\msdasc.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\REMOTE.CFG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\ShapeCollector.exe.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Full\NavigationLeft_ButtonGraphic.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\userContent_16x9_imagemask.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0309904.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02253_.WMF 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\brx\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\plugins\video_splitter\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\logo.png 403a1s0ssssd7da.exe File created C:\Program Files\DVD Maker\en-US\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\ant-javafx.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0183174.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10300_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\INFOPATHEDITOR_COL.HXT 403a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\es.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Moncton 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\ps\LC_MESSAGES\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\en-US\css\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Multimedia\MPP\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\TWRECE.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\31.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_close_up.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT+2 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Tegucigalpa 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00417_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE05870_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\AWARDHM.POC 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\klist.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152606.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_output\libflaschen_plugin.dll 403a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\en-US\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\1033\MSOINTL.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\BORDERS\MSART1.BDR 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\or\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\VSTA\Bin\1033\VSTAProjectUI.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_right_disabled.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\rtf_bullets.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Marquesas 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\psfont.properties.ja 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Halifax 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14867_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02740G.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\SoftBlue.css 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\MEIPreload\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\mshwLatin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Cartridges\as90.xsl 403a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\sv.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jstatd.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\MessageBoxIconImagesMask.bmp 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\divider-vertical.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\he-IL\tipresx.dll.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Data.Services.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\delete_up.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099146.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE03731_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PSRCHLEX.DAT 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ACCWIZ\ACWZTOOL.ACCDE 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01361_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR2B.GIF 403a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\en-US\css\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\16-on-black.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\BLUEPRNT\BLUEPRNT.INF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Tripoli 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Wake 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BS00441_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0185798.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\uz\LC_MESSAGES\vlc.mo 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\icon.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_es.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\META-INF\MANIFEST.MF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\zip.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR48B.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\Sounds\People\THROAT.WAV 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\fonts\TwemojiMozilla.ttf 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Photo Viewer\PhotoBase.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\logo.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\mk.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01152_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Aspect.eftx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\120DPI\(120DPI)alertIcon.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Scene_loop_PAL.wmv 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0238927.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\TASKDEC.CFG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\uninstall\helper.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\Rio_Gallegos 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0297707.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsFormTemplate.html 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\CONCRETE\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGTOC.DPV 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\ENVHM.POC 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-6 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\META-INF\MANIFEST.MF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AG00040_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\EXLIRMV.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OUTLCTL.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0188679.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR11F.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolIcons\StatusOnline.ico 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\native2ascii.exe 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.rcp_4.4.0.v20141007-2301\META-INF\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-10 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Australia\Broken_Hill 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AG00126_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\en-US\enu-dsk\M1033DSK.CRT 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\CodeFile.zip 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\24.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-execution.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\divider-vertical.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-sampler.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0151063.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\WEBEMAIL.POC 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\brt.fca 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Media Player\Skins\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\javacpl.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\cmm\sRGB.pf 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BD07761_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0198377.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\18.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsTemplates\POLICIES.FDT 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\POSTCD11.POC 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\PROPLUS\ProPlusWW.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\EVRGREEN\PREVIEW.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\NavigationUp_ButtonGraphic.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0309920.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\CommsIncomingImageSmall.jpg 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099178.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME22.CSS 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\IntroducingPowerPoint2010.potx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libpva_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\curl.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\add_up.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_box_divider_left.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-sampler_ja.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Karachi 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Oasis\TAB_ON.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_mpeg4audio_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_mpeg4video_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Adjacency.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR4B.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\NL.ROGERS.COM.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.e4.rcp_1.3.100.v20141007-2033\feature.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler_zh_CN.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\jfxwebkit.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02503U.BMP 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Opulent.eftx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGMARQ.DPV 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\1.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\chrome_elf.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0241781.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\en-US\TipRes.dll.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_ms.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\InkWatson.exe.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\feature.properties 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0183198.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\Certificates\Verisign\Components\VeriSign_Class_3_Code_Signing_2001-4_CA.cer 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\drag.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10337_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AGMGPUOptIn.ini 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Dushanbe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\QuickStyles\Modern.dotx 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\ia\LC_MESSAGES\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\PresentationFramework.Classic.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\EURO\MSOEURO.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\huemainsubpicture2.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME28.CSS 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\spacer_highlights.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\sidebar.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\NAMECONTROLPROXY.DLL 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Perf_Scenes_Mask1.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\play-background.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\IPDSINTL.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\Sounds\Things\COUPLER.WAV 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00784_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02048_.WMF 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\it\LC_MESSAGES\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\InkWatson.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Scenes_LOOP_BG.wmv 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Brisbane 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.engine\profileRegistry\JMC.profile\1423861240389.profile.gz 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\pack200.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\startNetworkServer.bat 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18216_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\JFONT.DAT 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\BORDERBB.DPV 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\InkObj.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-text.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18213_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.en_US_POSIX.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\images\dial.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.alert.ja_5.5.0.165303.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0382950.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02750G.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\bg_SlateBlue.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\24.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME04.CSS 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\XML Files\StarterApplicationDescriptors.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\mux\libmux_dummy_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Push\pushplaysubpicture.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-lib-uihandler.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Macau 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0230553.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00726_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_av1_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_record_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\rss_headline_glow_floating.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\RedistList\FrameworkList.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\shatter.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0199469.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PSSKETLG.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0336075.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD10219_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18209_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL083.XML 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\update_tracking\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00261_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH03011U.BMP 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02228_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0183290.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\bear_formatted_rgb6.wmv 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\tnameserv.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.commands_3.6.100.v20140528-1422.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-autoupdate-cli.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0178460.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Santo_Domingo 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN01545_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0195248.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\setup.swf 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Outlook.en-us\OutlookMUI.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\icons\flight_recorder.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105496.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00736_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ADVCMP.DIC 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0301052.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\DataViewIconImagesMask.bmp 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\en-US\msadcfr.dll.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files\CopyRepair.zip 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DissolveAnother.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\ext\localedata.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.updatechecker.nl_ja_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Tallinn 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\TextFile.zip 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_vc1_plugin.dll 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Microsoft Office\Office14\1033\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\WindowsFormsIntegration.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VBA\VBA7\1033\VBE7INTL.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SceneButtonInset_Alpha2.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\excelcnvpxy.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Oasis\HEADER.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBTRAP.DLL 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Google\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\logo.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-editor-mimelookup-impl.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BS00100_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152430.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR37F.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\FormsViewAttachmentIconsMask.bmp 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Kamchatka 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0237759.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\misc\libxml_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\psuser.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\en-US\wab32res.dll.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.publisher.eclipse_1.1.200.v20140414-0825.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105600.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02759J.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\WSSFilesToolIconImages.jpg 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\Media Renderer\connectionmanager_dmr.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\zh_CN\LC_MESSAGES\vlc.mo 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libalphamask_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Mail\MSOERES.dll 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\ARFR\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0293238.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR15F.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Slate\TAB_ON.GIF 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\ach\LC_MESSAGES\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\novelty_h.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\locale\org-openide-modules_ja.jar 403a1s0ssssd7da.exe File created C:\Program Files\Java\jre7\lib\zi\America\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\TR00095_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\POWERPNT_COL.HXC 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME54.CSS 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_scrapbook_Thumbnail.bmp 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Toronto 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\management.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN00914_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21304_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01139_.WMF 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\de\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\jp2ssv.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME38.CSS 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\BROCHURE.DPV 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\msadc\en-US\msadcfr.dll.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jface.databinding_1.6.200.v20140528-1422.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-api-progress.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\dtplugin\deployJava1.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Journal\en-US\MSPVWCTL.DLL.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGMN102.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBBA\MSPUB3A.BDR 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_output\libwgl_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.felix.gogo.command_0.10.0.v201209301215.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.nl_ja_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\win7Handle.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Thatch.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR28B.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\pause_rest.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD00117_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\Part\Media.accdt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\mobile_view.html 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\SpeechEngines\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Roses.jpg 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR33F.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\VIEW.JS 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.swt.win32.win32.x86_64_3.103.1.v20140903-1947.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\locale\org-openide-util_zh_CN.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107718.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Thatch.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Earthy.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\org-netbeans-core-windows_visualvm.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0278882.WMF 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\ga\LC_MESSAGES\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\bNext-hot.png 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office32.en-us\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\config\Modules\org-netbeans-modules-profiler-attach.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\offset.ax 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-application.xml 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Solutions\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\en-US\js\service.js 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\css\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\pagecurl.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\PreviousMenuButtonIcon.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Africa\Windhoek 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH01080_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MSOCFU.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\J0143748.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18243_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\bg_Country.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1033\xlsrvintl.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\Panel_Mask_PAL.wmv 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench3.nl_zh_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File created C:\Program Files\Java\jre7\lib\images\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0301418.WMF 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Extensions\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\nb.pak 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\1px.gif 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Microsoft.NET\RedistList\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\pt-PT\tipresx.dll.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Aspect.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\AUTHZAX.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_left_hover.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\en-US\micaut.dll.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099185.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Opulent.thmx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\bg_VelvetRose.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe\Updater6\AdobeAUM_rootCert.cer 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\modern.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-masterfs_ja.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Makassar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AG00135_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE01160_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_left_disabled.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_btn-next-over-select.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01866_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\WB02082_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18226_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\drag.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\FRAR\MSB1FRAR.ITS 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\GoldRing.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0239063.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH01607U.BMP 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0287408.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO01954_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\DataType\Start End Dates.accft 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\in_sidebar\slideshow_glass_frame.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\css\calendar.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\system_dot.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_gray_snow.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipssrb.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jface.text.nl_ja_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14579_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GROOVE.HXS 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\10.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-output2_zh_CN.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\El_Salvador 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access_output\libaccess_output_file_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\ReadMe.htm 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CSS7DATA000A.DLL 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Templates\1033\ONENOTE\14\Stationery\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\br\LC_MESSAGES\vlc.mo 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\ado\adovbs.inc 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Hovd 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-templates_zh_CN.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02742U.BMP 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\CLVWINTL.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\dialogs\stream_config_window.html 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.flightrecorder_5.5.0.165303\feature.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21343_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Core.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\rssBackBlue_docked.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\atl.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\NAMEEXT.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\bg-today.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office32.WW\Office32WW.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\flower_trans_matte.wmv 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.browser.ja_5.5.0.165303.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0304405.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\ContemporaryPhotoAlbum.potx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR34B.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\TASKS.ICO 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Defender\en-US\MsMpRes.dll.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\AFTRNOON\THMBNAIL.PNG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VBA\VBA7\VBE7.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Madrid 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ui.sdk.scheduler.nl_ja_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21294_.GIF 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Google\Update\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\buttonUp_On.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\STORYBB.DPV 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_output\libdirectdraw_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\bNext-disable.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-explorer.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Indiana\Vincennes 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01793_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\STS2\TAB_OFF.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\Sounds\People\MMHMM.WAV 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\flower_s.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\META-INF\MANIFEST.MF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\npt.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0297725.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Internet Explorer\ExtExport.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\logo.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\lib\mailapi.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Elemental.thmx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0299125.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\WHITEBOX.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OUTLVBS.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105240.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0337280.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR23F.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\de.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\INDUST\INDUST.ELM 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Manaus 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\config\Modules\org-netbeans-modules-profiler-utilities.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-charts.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_gray_hail.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Maroon.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\STSLIST.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\button_right_mouseover.png 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\fil.pak 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\si\LC_MESSAGES\vlc.mo 403a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\lt.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\COPYRIGHT 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.jasper.glassfish_2.2.2.v201205150955.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\winXPBlue.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21518_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Internet Explorer\networkinspection.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.engine\profileRegistry\JMC.profile\1423861261279.profile.gz 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\IPEDINTL.DLL 403a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\en-US\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\navSubpicture.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_rainy.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\msdadc.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\MDIParent.zip 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\msadco.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\Install\{5DF2DCA9-BD54-4513-9B32-2C551D72B961}\83.0.4103.106_chrome_installer.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Circle_ButtonGraphic.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Manila 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.help.nl_ja_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01253_.GIF 403a1s0ssssd7da.exe File created C:\Program Files\Reference Assemblies\Microsoft\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Microsoft.BusinessData.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VSTO\vstoee90.tlb 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.bindings.nl_zh_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0199755.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\OUTFORM.DAT 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR14F.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR1B.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PROOF\MSSP7FR.dub 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\flower.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyclient.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-compat.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN04174_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107138.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR41F.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152698.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Pushpin.eftx 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\30.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\COMPASS\COMPASS.INF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\QUAD\QUAD.INF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.e4.rcp_1.3.100.v20141007-2033\license.html 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Oslo 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH02313_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\TWRECC.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows NT\TableTextService\TableTextServiceAmharic.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_corner_top_right.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\base_ca.xml 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\include\win32\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_ja_4.4.0.v20140623020002\eclipse_update_120.jpg 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01126_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.COM.VN.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\ado\msado15.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\QuickStyles\Fancy.dotx 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_right_pressed.png 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\ARCTIC\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\SpeechEngines\Microsoft\TTS20\en-US\MSTTSFrontendENU.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-uihandler.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Sofia 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18251_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Photo Viewer\ImagingEngine.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01751_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\bg_TexturedBlue.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Sync Framework\v1.0\Runtime\x64\FeedSync.dll 403a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\css\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\mainimage-mask.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\ext\jaccess.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02093_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\BHOINTL.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Slate\TAB_OFF.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR29F.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-keyring-fallback_zh_CN.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0232171.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\WINWORD_K_COL.HXK 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access_output\libaccess_output_dummy_plugin.dll 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\en-US\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Trek.eftx 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Document Parts\1033\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\MessageAttachmentIconImagesMask.bmp 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\msadc\msdfmap.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-keyring-fallback.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT+5 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099174.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0153091.WMF 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\InfoPathOM\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Journal\Templates\Graph.jtp 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_gray_thunderstorm.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_ar.dll 403a1s0ssssd7da.exe File created C:\Program Files (x86)\MSBuild\Microsoft\Windows Workflow Foundation\v3.0\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waxing-gibbous.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0200151.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD14882_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\TASKACC.CFG 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\forms_super.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\{AC76BA86-7AD7-1033-7B44-A90000000001}\abcpy.ini 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\rtscom.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME24.CSS 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveDocumentReview\ActiveTabImageMask.bmp 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\Network Sharing\wmpnss_bw48.jpg 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR32F.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\hi\LC_MESSAGES\vlc.mo 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-new.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\JOURNAL\THMBNAIL.PNG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\SpeechEngines\Microsoft\TTS20\MSTTSLoc.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0382962.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE00034_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0332364.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL078.XML 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\ka\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files\Windows Journal\en-US\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\th-TH\tipresx.dll.mui 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\ext\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0341554.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Technic.thmx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MSACC.OLB 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Journal\PDIALOG.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Photo Viewer\en-US\PhotoAcq.dll.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\PDFSigQFormalRep.pdf 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\hprof.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.databinding_1.4.2.v20140729-1044.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\config\Modules\org-netbeans-modules-profiler-heapwalker.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-selector-api_ja.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CGMIMP32.HLP 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\META-INF\ECLIPSE_.SF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsBrowserUpgrade.html 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGAD.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Stationery\1033\SEAMARBL.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\sl-SI\tipresx.dll.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\toc.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Africa\Casablanca 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\TR00482_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01296_.GIF 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\is\LC_MESSAGES\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\gd\LC_MESSAGES\vlc.mo 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ja\LC_MESSAGES\vlc.mo 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PPTICO.EXE 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\hu\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\delete_down.png 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\EVRGREEN\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.core.contexts_1.3.100.v20140407-1019.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Dili 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0186362.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\STS2\background.gif 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\Adobe\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Multimedia\MPP\Flash.mpp 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\CourierStd.otf 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\be\LC_MESSAGES\vlc.mo 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Workflow.ComponentModel.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.rcp.feature_1.2.0.v20140523-0116\epl-v10.html 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BD09662_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01734_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL086.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\maintenanceservice_installer.exe 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\pa\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\nav_rightarrow.png 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\db\lib\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.browser.attach.zh_CN_5.5.0.165303.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.css.swt.theme_0.9.300.v20140424-2042.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\config\Modules\org-netbeans-lib-profiler-charts.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\server\classes.jsa 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\nbexec64.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\REFEDIT.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_rainy.png 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Uninstall Information\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\visualization\libprojectm_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\play_hov.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\review_same_reviewers.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.flightrecorder.configuration_5.5.0.165303.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolIcons\StatusDoNotDisturb.ico 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL092.XML 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\ja\LC_MESSAGES\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-icons_228ef1_256x240.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked-loading.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\timer_over.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_corner_bottom_right.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\feature.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-openide-compat.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SL01565_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR1F.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\PublicFunctions.js 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT+10 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0341447.JPG 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\ProjectTool\Project Report Type\Fancy\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_right_hover.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Media Player\en-US\wmpnssci.dll.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\rtf_center.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MSYUBIN7.DLL 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\lv\LC_MESSAGES\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\engphon.env 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\default_apps\docs.crx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR35B.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\TaskbarIconImagesMask256Colors.bmp 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\XML Files\builtincontrolsschema.xsd 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ast\LC_MESSAGES\vlc.mo 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\review_browser.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\ENU\VDK10.SYD 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Amman 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-windows_zh_CN.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0175361.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OCRHC.DAT 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.CO.JP.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01848_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR8B.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\pl\LC_MESSAGES\vlc.mo 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\TipBand.dll.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\cmm\GRAY.pf 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\icons\alert_obj.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\core\com-sun-tools-visualvm-modules-startup.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\Welcome.html 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\en-US\gadget.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-core-kit.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\dt_shmem.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Indian\Reunion 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PARNT_05.MID 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\configuration\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD21340_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGMN002.XML 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Microsoft Visual Studio 8\VSTA\Bin\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libnuv_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libmotionblur_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\novelty.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipsptg.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Currie 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-options_zh_CN.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Swirl.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\Part\Dialog.accdt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\A3DUtility.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\icon.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\net.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0186002.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ACCDDSF.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOMessageProvider.dll 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\North_Dakota\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Indiana\Vincennes 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.ecore_2.10.1.v20140901-1043\META-INF\ECLIPSE_.SF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\rightnav.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\TabTip32.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\square_s.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_blue_partly-cloudy.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Monaco 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\prodbig.gif 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\ModuleAutoDeps\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Adjacency.thmx 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Help\3082\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\rmiregistry.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\PresentationBuildTasks.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\12.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_box_right.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libcdda_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Journal\en-US\JNTFiltr.dll.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18223_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Slate\TAB_OFF.GIF 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\hwrlatinlm.dat 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Guam 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\core\locale\com-sun-tools-visualvm-modules-startup_zh_CN.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01849_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Flow.eftx 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleUpdateSetup.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VGX\VGX.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\ModuleAutoDeps\org-openide-nodes.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\deploy\messages_zh_TW.properties 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\WB02077_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PROTTPLN.PPT 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0195260.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21296_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CONVERT\1033\OLR.SAM 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\IRIS\THMBNAIL.PNG 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\fonts\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.osgi.services.nl_ja_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Recife 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN04108_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waxing-gibbous.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Internet Explorer\ieproxy.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\PresentationFramework.Royale.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\WWINTL.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\MeetingIcon.jpg 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.touchpoint.natives.nl_ja_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\blank.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\images\cursors\invalid32x32.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\javax.servlet.jsp_2.2.0.v201112011158.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\kinit.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR48F.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libx26410b_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21344_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FORM.JS 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_output\libvmem_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\Media Renderer\DMR_48.jpg 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\UIAutomationProvider.dll 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Proof.fr\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-spi-quicksearch.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\about.html 403a1s0ssssd7da.exe File opened for modification C:\Program Files\ProtectUse.eprtx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\visualization\libgoom_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Internet Explorer\en-US\eula.rtf 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\BrightOrange.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Sync Framework\v1.0\Documentation\1033\License Agreements\SynchronizationEula.rtf 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ca\LC_MESSAGES\vlc.mo 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Bissau 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Apothecary.eftx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\BZCRD98.POC 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\plugins\stream_out\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0216600.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0228823.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01742_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Hermosillo 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Kosrae 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4_default_winxp_olv.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-autoupdate-cli.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\cmm\LINEAR_RGB.pf 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\settings.html 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15021_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD21348_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL103.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libcdg_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\{AC76BA86-7AD7-1033-7B44-A90000000001}\setup.ini 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.lucene.analysis_3.5.0.v20120725-1805.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\ktab.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\XLSLICER.DLL.IDX_DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Stationery\1033\JUNGLE.GIF 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\lt-LT\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\AFTRNOON\AFTRNOON.INF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\META-INF\ECLIPSE_.RSA 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Stars.htm 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.addons.swt.nl_ja_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-openide-options.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Riyadh 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\GKWord.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Proofing.en-us\SETUP.XML 403a1s0ssssd7da.exe File created C:\Program Files\Java\jre7\lib\zi\SystemV\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02233_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FORM.ICO 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\shadowonlyframe_buttongraphic.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Pretty_Peacock.jpg 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\CONCRETE\PREVIEW.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Thule 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\REPORT.CFG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Athens 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBBA\MSPUB7.BDR 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Defender\MpClient.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\rssBackBlue_Undocked.png 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\js\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Jakarta 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0230558.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0199727.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\UpdateTrace.mp2 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libtransform_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Galapagos 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10335_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ko\LC_MESSAGES\vlc.mo 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Data.Services.Design.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21365_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR17F.GIF 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Optional\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Managua 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\lib\locale\jfluid-server_ja.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH00241_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0199473.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Shades of Blue.htm 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Mail\en-US\WinMail.exe.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Horizon.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\XLICONS.EXE 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\is\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00267_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0086478.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE03331_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE05665_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\RE00006_.WMF 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\en-US\js\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Annotations\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\720x480blacksquare.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01143_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0234376.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\POWERPNT.EXE 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\vi\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\EMAIL.XML 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\et\LC_MESSAGES\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.w3c.dom.smil_1.0.0.v200806040011.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-jvm.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-sa.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00350_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0149887.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PG_INDEX.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\en-US\css\weather.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\mraut.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.net.nl_ja_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-windows.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152716.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Apex.xml 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OUTLPH.DLL 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\ar\LC_MESSAGES\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BS01634_.WMF 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\SpringGreen\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21335_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\SETLANG_COL.HXT 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\Discussion\DiscussionToolIconImagesMask.bmp 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\Part\1 Top.accdt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\email_all.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\EVRGREEN\EVRGREEN.ELM 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Push\NavigationRight_ButtonGraphic.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\include\jni.h 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\rtf_spellcheck.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_rgb_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\ne.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-modules-appui_ja.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Chita 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Defender\en-US\MpEvMsg.dll.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\novelty_settings.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Rarotonga 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Swirl\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\ProjectStatusIcons.jpg 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libes_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\br.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.ecore_2.10.1.v20140901-1043\META-INF\MANIFEST.MF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.updatechecker_1.1.200.v20131119-0908.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\CLASSIC1.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14982_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\base-undocked-3.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_cloudy.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Title_Trans_Notes_PAL.wmv 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Vienna 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0216588.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\CALNDR98.POC 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\db\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Damascus 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR46F.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\INLAUNCH.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.AddIn.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Lisbon 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099177.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE03459_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\InfoPath.en-us\InfoPathMUI.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\vintage.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Indian\Mahe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\plugin.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-options-keymap_zh_CN.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0297185.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21295_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libdca_plugin.dll 403a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\en-US\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\TEXTBOX.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\OrielResume.Dotx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\UrbanMergeLetter.Dotx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jconsole.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\ij 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0212751.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ACCWIZ\ACWZMAIN.ACCDE 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\STS2\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\gmp-clearkey\0.1\clearkey.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\librtpvideo_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Journal\jnwmon.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\POWERPNT.DEV.HXS 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waning-crescent_partly-cloudy.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\Class.zip 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\ado\msado26.tlb 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Tunis 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Midway 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0341645.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO01575_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_windy.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\EXPEDITN\PREVIEW.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099192.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\Sounds\Places\RADAR.WAV 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\redStateIcon.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\cronometer_s.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\icon.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waning-crescent.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\IN00351_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\CALENDAR.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\GIFT.XML 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\sq\LC_MESSAGES\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows NT\TableTextService\TableTextServiceSimplifiedZhengMa.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\fr.pak 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Media Player\Media Renderer\RenderingControl.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libspudec_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\HostSideAdapters\Microsoft.VisualStudio.Tools.Office.Excel.HostAdapter.v10.0.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows NT\TableTextService\TableTextServiceSimplifiedZhengMa.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\Ole DB\msxactps.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\MST7 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-openide-actions.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Sts.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGMN081.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\NavigationLeft_ButtonGraphic.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH01035U.BMP 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\Certificates\groove.net\Servers\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libcvdsub_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.help_3.6.0.v20130326-1254.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-application-views.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH00687_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\COMPASS\COMPASS.ELM 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_es.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\jabswitch.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Indian\Mauritius 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.net_1.2.200.v20140124-2013.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\QuickStyles\DefaultBlackAndWhite.dotx 403a1s0ssssd7da.exe File created C:\Program Files\MSBuild\Microsoft\Windows Workflow Foundation\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_divider_left.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD00296_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.SE.XML 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\lua\http\css\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleUpdateCore.exe 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\configuration\org.eclipse.update\platform.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-autoupdate-cli_ja.jar 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\sl\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\en-US\gadget.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21481_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_box_right.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\default_apps\youtube.crx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\hwrusalm.dat 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-queries.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0090089.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02270_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SY00127_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\system.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\keypad\ea.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01167_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\BabyBlue\TAB_ON.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\bg_Earthy.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\ENV11.POC 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-threaddump.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AG00169_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\Class.zip 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\LEVEL\LEVEL.INF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Palau 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\OIS_COL.HXT 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MEDIA\BREEZE.WAV 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libdvdnav_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\cronometer_h.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00130_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10266_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolIcons\MAIL.ICO 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\MyriadPro-Regular.otf 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Edmonton 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Indiana\Winamac 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\SystemV\HST10 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_single_orange.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\macroprogress.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\BREEZE\THMBNAIL.PNG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\extcheck.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Beirut 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00352_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\GRIPMASK.BMP 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\Certificates\groove.net\Servers\RELAY.CER 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\WEBHOME.POC 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\HST10 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\org-netbeans-modules-profiler-selector-api.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0217872.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02223U.BMP 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\OUTLOOK_COL.HXC 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\hrtfs\dodeca_and_7channel_3DSL_HRTF.sofa 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\pt-PT.pak 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\notConnectedStateIcon.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\co.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\jli.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00195_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPAPERS.INI 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\VVIEWRES.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\SlateBlue.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MSOCFUIUTILITIESDLL.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\Part\Tabs.accdt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Monterrey 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.engine\profileRegistry\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\sa-jdi.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Swift_Current 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Apex.thmx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libbluray-j2se-1.0.2.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0400003.PNG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Clarity.thmx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME48.CSS 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\lv-LV\tipresx.dll.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\NavigationLeft_ButtonGraphic.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\Jujuy 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\etc\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.directorywatcher.nl_ja_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\rtf_decreaseindent.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\desktop.ini 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.ES.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\ado\msado25.tlb 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\en-US\js\localizedStrings.js 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_cs.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0318448.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE02522_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ACCDDSLM.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Swirl\background.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_search_over.png 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\Certificates\groove.net\Components\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsVersion1Warning.htm 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\base-undocked-4.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\icon.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MAPIR.DLL.IDX_DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\CreateSpaceImageMask.bmp 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\MedianMergeLetter.Dotx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-waxing-gibbous_partly-cloudy.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0174952.JPG 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\uk\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_hail.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14980_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\QuickStyles\Thatch.dotx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\BabyBlue\TAB_OFF.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\ModuleAutoDeps\org-openide-loaders.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-profiler.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00269_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105588.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01421_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0212601.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\Groove Starter Template.xsn 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\1036\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\DirectDB.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyScenesBackground.wmv 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\jce.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-javahelp_ja.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-api-progress.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\prev_down.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\AlertImage_HighMask.bmp 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Lime.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\FormsBrowserUpgrade.html 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\MSInfo\msinfo32.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waxing-crescent.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Sand_Paper.jpg 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Copenhagen 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN04206_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\COUPON.POC 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\lgpllibs.dll 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-jvm.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107188.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD21413_.GIF 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\lua\http\images\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\css\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\button_mid_over.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\FORMCTL.POC 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AMT\AUMProduct.cer 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\currency.data 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-autoupdate-ui.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Santo_Domingo 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0296288.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\SketchIconImages.bmp 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Chuuk 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\SCDCNCLL.ICO 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\MessageAttachmentIconImages.jpg 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\gu\LC_MESSAGES\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_divider_right.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\PublicFunctions.js 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libjpeg_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\plugin.properties 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Africa\El_Aaiun 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Argentina\Mendoza 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0182689.JPG 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Media Player\Visualizations\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\DisabledGoogleUpdate.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_box_right.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT+4 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\bg_FormsHomePageSlice.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Desert\TAB_ON.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Sts.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\pause_rest.png 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Lime\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\ky\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.IO.Log.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR39F.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\modules\common.luac 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Journal\JNWDRV.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\splash.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Juneau 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.win32.win32.x86_64_1.1.200.v20141007-2033\META-INF\MANIFEST.MF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD00455_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Office 2.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\Network Sharing\wmpnss_bw32.jpg 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\en-US\js\clock.js 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Indiana\Knox 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGMN107.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\SoftBlue\TAB_OFF.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\CALHM.POC 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\drag.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT+11 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-sampler.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18247_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD21321_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-14 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE03668_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD21334_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR45B.GIF 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Portal\1033\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Sidebar\en-US\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipsrom.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\EVRGREEN\THMBNAIL.PNG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\ParentMenuButtonIconSubpict.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jar.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\kinit.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0313896.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Median.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\hr\LC_MESSAGES\vlc.mo 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\en-US.pak 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\msmgdsrv.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Malta 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0251925.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD21495_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\STS2\header.gif 403a1s0ssssd7da.exe File created C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\RedistList\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01770_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\MSTHED98.POC 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft SQL Server Compact Edition\v3.5\sqlcese35.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipsfra.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\locale\org-openide-modules_zh_CN.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Fiji 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Funafuti 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01858_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\DirectDB.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\diner.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\drag.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.workbench.nl_ja_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-openide-io.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-swing-plaf.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\CircleIcons.jpg 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\MENU98.POC 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_zh-CN.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.help.base_4.0.200.v20141007-2301.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-jmx.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01145_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\EN00222_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\api-ms-win-core-localization-l1-2-0.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Soft Blue.htm 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\MedianResume.Dotx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libxa_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0382926.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0285444.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office.en-us\BRANDING.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-print.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Analysis Services\AS OLEDB\10\Cartridges\as90.xsl 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0183574.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0187851.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libx264_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\next_hov.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\ICE\ICE.ELM 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00018_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\BCSSync.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\LTHDHM.POC 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\gu\LC_MESSAGES\vlc.mo 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGWEBHD.XML 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\ml\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\nl.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Srednekolymsk 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\JdbcOdbc.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Indiana\Knox 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SY01563_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\IN00557_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14531_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_rgb_sse2_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\system_m.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\shadowonlyframe_selectionsubpicture.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0285698.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\CERTINTL.DLL 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\GrayCheck\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\Part\Msgbox.accdt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\London 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01064_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\NotifierBackgroundRTL.jpg 403a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\on_desktop\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\en-US\Sidebar.exe.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\sbdrop.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_image-frame-border.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-windows.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AG00170_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\PicturesToolIconImages.jpg 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\th\LC_MESSAGES\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\km\LC_MESSAGES\vlc.mo 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_tr.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_gray_snow.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\macGrey.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD00297_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0287641.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10264_.GIF 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\en-US\css\localizedSettings.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\AcroForm.api 403a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\id.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\LAYERS\THMBNAIL.PNG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0241043.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18241_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Oasis\TAB_OFF.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\ado\msador15.dll 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\AFTRNOON\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00734_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\bg_Premium.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\SoftBlue\tab_on.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\MinionPro-It.otf 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\THOCRAPI.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\MedianMergeFax.Dotx 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\eng.hyp 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Indian\Reunion 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-modules-appui.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0151045.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0185800.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.JP.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\8.0\x86\vsta_ep32.exe.config 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\PROPLUS\SETUP.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT-1 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0153265.WMF 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\lua\http\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\sr-Latn-CS\tipresx.dll.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Indiana\Indianapolis 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\MEDIA\OFFICE14\1033\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.frameworkadmin.nl_ja_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0103402.WMF 403a1s0ssssd7da.exe File created C:\Program Files\Windows Defender\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Internet Explorer\en-US\F12Tools.dll.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\images\cursors\win32_CopyNoDrop32x32.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105266.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\AdjacencyMergeLetter.dotx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_yuy2_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-full_partly-cloudy.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_gather_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\en-US\setup_wm.exe.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Thawte Root Certificate.cer 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Web Folders\1033\MSOSVINT.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\J0143743.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GRAPH_F_COL.HXK 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OSPP.HTM 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGDOTS.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME51.CSS 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MEDIA\CLICK.WAV 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Tegucigalpa 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Novosibirsk 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE00640_.WMF 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Photo Viewer\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Miquelon 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Kosrae 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\en-US\msdaremr.dll.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\hu.pak 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_en-GB.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libscaletempo_pitch_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\delete_over.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Desktop.ini 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jcmd.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\St_Johns 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ADDINS\MSSPC.ECF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolIcons\ALERT.ICO 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-api-visual.jar 403a1s0ssssd7da.exe File created C:\Program Files\Java\jre7\lib\zi\Asia\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01239_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\css\settings.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN04332_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\GrayCheck\HEADER.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Lime\TAB_OFF.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Optional\README.TXT 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\ru.pak 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\GrayCheck\TAB_OFF.GIF 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-waxing-crescent.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\NavigationButtonSubpicture.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Recife 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\help.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AG00161_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00238_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins3d\drvDX9.x3d 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\sqloledb.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\play_hov.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\ado\msadomd.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\da.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0200183.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\GrayCheck\TAB_ON.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\DataType\Category.accft 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\meta\art\02_frenchtv.luac 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\button_right_over.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\visualization\libglspectrum_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\ICE\THMBNAIL.PNG 403a1s0ssssd7da.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\wsdetect.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-autoupdate-ui_ja.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBCOLOR.SCM 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsViewAttachmentIconsMask.bmp 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\TABOFF.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_foggy.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\WATERMAR\WATERMAR.ELM 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Internet Explorer\DiagnosticsHub_is.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\MST7MDT 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\configuration\org.eclipse.equinox.simpleconfigurator\bundles.info 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\STOPICON.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsVersion1Warning.htm 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\LOGO98.POC 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\wmplayer.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACEERR.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.emf.ecore.xmi_2.10.1.v20140901-1043.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD00775_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\TASKACCS.ICO 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\BREAK.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_ru.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\1031\hxdsui.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\rtscom.dll 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Media Player\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office.en-us\PSCONFIG.CHM 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-api-visual_ja.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\ext\sunmscapi.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Australia\Currie 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PROOF\MSHY7ES.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\WTSP61MS.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-execution.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH00231_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_gray_rainy.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Resources\1033\msmdsrv.rll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\QUAD\QUAD.ELM 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VBA\VBA7\1033\VBLR6.CHM 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\POST.CFG 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\fy\LC_MESSAGES\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\mai\LC_MESSAGES\vlc.mo 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\btn-back-static.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\bg_Casual.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\BrightYellow\TAB_ON.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libheadphone_channel_mixer_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_output\libmmdevice_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Access.en-us\SETUP.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\POSTIT.CFG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\on_desktop\slideshow_glass_frame.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Excel.en-us\SETUP.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.swt.nl_zh_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02748G.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\Tulip.jpg 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBBA\MSPUB2B.BDR 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\si\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Legal\ENU\eula.ini 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\UnreadIconImages.jpg 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Yerevan 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\winXPBluTSFrame.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0182898.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0295069.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\bdcmetadataresource.xsd 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\js\settings.js 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Smart Tag\1033\STINTL.DLL.IDX_DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jdb.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-jvmstat.xml 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\novelty_s.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\UmOutlookStrings.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\en-US\MSTTSLoc.dll.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\J0143758.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Equity.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_output\libgl_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\wsgen.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Indiana\Tell_City 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Riyadh89 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00394_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02045_.WMF 403a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\js\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\1042\hxdsui.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\square_h.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOInstaller.config 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.metadata.repository.nl_zh_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\lib\deployed\jdk16\windows-amd64\profilerinterface.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsImageTemplate.html 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\7.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ADVTEL.DIC 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL010.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft SQL Server Compact Edition\v3.5\sqlcecompact35.dll 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\content-types.properties 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107658.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00513_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0283209.GIF 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Esl\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\144DPI\(144DPI)notConnectedStateIcon.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\core\locale\org-openide-filesystems_ja.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0292278.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\OUTLOOK.DEV_COL.HXT 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\1049\hxdsui.dll 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\js\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Indiana\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0304875.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\ONENOTE_F_COL.HXK 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Setup.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\softedges.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\BUTTON.JPG 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\ink\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Cartridges\Sybase.xsl 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\plugin-container.exe.sig 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libdcp_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1033\OARPMANR.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.databinding.nl_zh_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099145.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MSODCW.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\OrielMergeFax.Dotx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\POSTCARD.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\en-US\js\weather.js 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\rtstreamsource.ax 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\nav_leftarrow.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT-3 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099194.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\launcher.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14984_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\cronometer_h.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-last-quarter.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\bPrev.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-modules-appui_zh_CN.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD14677_.GIF 403a1s0ssssd7da.exe File created C:\Program Files\Mozilla Firefox\uninstall\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\SAMPLES\SOLVSAMP.XLS 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\FAX\EquityFax.Dotx 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\zu\LC_MESSAGES\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\spu\libmosaic_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\installer.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21399_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\bdcmetadata.xsd 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CONVERT\1033\OLTASKR.FAE 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\SoftBlue.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Full\NavigationUp_ButtonGraphic.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH01221K.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\XLINTL32.REST.IDX_DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\BrightYellow.css 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\ast\LC_MESSAGES\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD00297_.WMF 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\144DPI\(144DPI)greenStateIcon.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\greenStateIcon.png 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Microsoft Visual Studio 8\VSTA\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\nbexec.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HM00116_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGHEADING.XML 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\plugins\access\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libscale_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-last-quarter_partly-cloudy.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Microsoft.Office.BusinessData.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\README.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Media Player\wmprph.exe 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\Stationery\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Paris 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\ext\locale\updater_ja.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Gaza 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR9B.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\bg_GreenTea.gif 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Portal\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\HostSideAdapters\Microsoft.VisualStudio.Tools.Office.Outlook.HostAdapter.v10.0.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_close_down.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\osknumpad.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Nassau 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.workbench.nl_zh_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SL00298_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\InfoPathOM\InfoPathOMFormServices\InfoPathOMFormServicesV12\Microsoft.Office.InfoPath.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\jfxwebkit.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD01658_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\STUBBY2.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\Contracts\Microsoft.VisualStudio.Tools.Office.Contract.v10.0.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\46.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\MSB1CACH.LEX 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Push\push.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\amd64\jvm.cfg 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\rtf_increaseindent.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0382955.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0384888.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00305_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\EssentialLetter.dotx 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\27.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\images\vlc16x16.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libps_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\IpsPlugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\Ole DB\msdasqlr.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Executive.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\AddToViewArrow.jpg 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Stationery\1033\PINELUMB.HTM 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Microsoft.Office.InfoPath.Client.Internal.CLRHost.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OUTLACCT.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\com.jrockit.mc.console.ui.notification_contexts.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\org-netbeans-modules-profiler-utilities.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\update_tracking\org-netbeans-modules-profiler-utilities.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02742G.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\EMSMDB32.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\trad_settings.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.help_2.0.102.v20141007-2301\feature.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core_zh_CN.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\deploy\splash.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolIcons\OUTGOING.ICO 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Google\Update\Install\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\an.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OUTLMIME.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\ReachFramework.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH00236_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107280.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libogg_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\gui\libskins2_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\el.pak 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\FORM98.POC 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\Text.zip 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\4.png 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\dark\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes.nl_zh_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0101980.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR30F.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\GrayCheck.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\zh-CN.pak 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\en-US\js\clock.js 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\SpeechEngines\Microsoft\TTS20\en-US\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages_it.properties 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0199661.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0301252.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\trad_h.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Library\Analysis\PROCDB.XLAM 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\gadget.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\ccme_base.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Majuro 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\javafx-font.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0292272.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00610_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME42.CSS 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\CsiSoap.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\BLENDS\PREVIEW.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Internet Explorer\Timeline.cpu.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.engine\.settings\org.eclipse.equinox.p2.artifact.repository.prefs 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Atlantic\Madeira 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_corner_bottom_left.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0239965.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR43F.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\button_mid_disable.gif 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.win32.win32.x86_64.nl_ja_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-masterfs-nio2_zh_CN.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\management\jmxremote.access 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AG00021_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\EquityResume.Dotx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-bg_diagonals-thick_18_b81900_40x40.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\RSSFeeds.html 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Help\1049\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099160.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Foundry.thmx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\BIZCARD.DPV 403a1s0ssssd7da.exe File created C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\default_thumb.jpg 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Proofing.en-us\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.touchpoint.eclipse.nl_zh_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\VelvetRose.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libty_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\mraut.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Bears.jpg 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Photo Viewer\PhotoAcq.dll 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\ru-RU\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099204.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107254.WMF 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Oasis\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\DOCL.ICO 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\ResourceInternal.zip 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Push\push_title.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01368_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ADDINS\ACCOLK.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\NOTEL.ICO 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\VDK10.STD 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\include\win32\bridge\AccessBridgeCalls.c 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Chicago 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\SystemV\MST7 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SY00110_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD15156_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR45F.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\FiveRules.potx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\playlist\anevia_xml.luac 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Dawson_Creek 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.core.feature_1.3.0.v20140523-0116\feature.xml 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BS01639_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02791_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Defender\MsMpLics.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\pause_hov.png 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\Sounds\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL026.XML 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\mai\LC_MESSAGES\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\pa\LC_MESSAGES\vlc.mo 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\skins\winamp2.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Country.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libshm_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\LogTransport2.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\WidevineCdm\LICENSE 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\AssemblyInfo.zip 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\en-US\gadget.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\config\Modules\org-netbeans-lib-profiler-common.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02398U.BMP 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\trad_s.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\logo.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\SPPlugins\ADMPlugin.apl 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR19F.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\NotifierDisableDownArrow.jpg 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\NL7Models0011.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\etc\visualvm.conf 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\ModuleAutoDeps\org-openide-explorer.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Krasnoyarsk 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\INFOPATHEDITOR_COL.HXC 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR5B.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\PULQOT98.POC 403a1s0ssssd7da.exe File created C:\Program Files\Windows Media Player\en-US\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\play_rest.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152436.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\VCTRN_01.MID 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14793_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\button-bullet.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\cmm\CIEXYZ.pf 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\contbig.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4_default_win7.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-dialogs_zh_CN.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\removed-files 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Media Player\wmpenc.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Khandyga 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01172_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\IN00233_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\NavigationLeft_SelectionSubpicture.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\setEmbeddedCP 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\dragHandle.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-editor-mimelookup-impl.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Maceio 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CSS7DATA0009.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGMN082.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\SetupMetrics\20200616092700.pma 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_et.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\16.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\JPEGIM32.FLT 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-core-kit.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-core-multiview.xml 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Angles.thmx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGBARBLL.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Pine_Lumber.jpg 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\vignettemask25.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\fxplugins.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0293832.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE00468_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_divider.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\DataType\Tags.accft 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libskiptags_plugin.dll 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\AXIS\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\16_9-frame-highlight.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\epl-v10.html 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\CATWIZ11.POC 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Stationery\1033\DADSHIRT.HTM 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\glow.png 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\Adobe AIR\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.flightrecorder.ui_5.5.0.165303.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Atlantic\Canary 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR43B.GIF 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\BrightOrange\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\PAGESIZE\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.security.win32.x86_64_1.0.100.v20130327-1442.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-spi-actions_zh_CN.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01238_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsPrintTemplate.html 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormToolImages.jpg 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Sts2.css 403a1s0ssssd7da.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\sunec.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Noronha 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-editor-mimelookup_zh_CN.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15023_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0384862.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_blue_snow.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Data.Entity.Design.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.en_GB_EURO.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\1.0\Microsoft.Ink.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\ModuleAutoDeps\org-openide-modules.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\MP00021_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\CreateSpaceImage.jpg 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\VideoLAN Website.url 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins3d\drvDX8.x3d 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Circle_SelectionSubpictureB.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0251007.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0230876.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\en-US\css\clock.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\system_h.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\js\RSSFeeds.js 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fr-FR\tipresx.dll.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\indxicon.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jetty.http_8.1.14.v20131031.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGPQUOT.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\RSPMECH.POC 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\EXLIRM.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\subscription.xsd 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Mail\wabfind.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\oskmenu\oskmenubase.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Bears.htm 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\BOLDSTRI\PREVIEW.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.common_2.10.1.v20140901-1043\feature.properties 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BD08758_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\tl.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_ja.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\lib\smtp.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.osgi.services.nl_zh_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00494_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\Calendar\CalendarToolIconImages.jpg 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_cloudy.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\add_over.png 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\Triedit\en-US\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Fortaleza 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-core-multiview.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00248_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\GROOVE.EXE 403a1s0ssssd7da.exe File opened for modification C:\Program Files\AssertWait.bmp 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107452.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH03379I.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\lt\LC_MESSAGES\vlc.mo 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\cronometer_settings.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ONLNTCOMLIB.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\WEB11.POC 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleUpdate.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Orange Circles.htm 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD01196_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\J0115855.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME40.CSS 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\or\LC_MESSAGES\vlc.mo 403a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Gadgets\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Google\Chrome\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Internet Explorer\F12.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Tehran 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01293_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Swirl\background.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\da\LC_MESSAGES\vlc.mo 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\VVIEWER.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\BillingStatement.xltx 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Mail\wabfind.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\1047x576black.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Internet Explorer\IEShims.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Blanc-Sablon 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\North_Dakota\Center 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105974.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_output\libglwin32_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\skchui.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_close_down_BIDI.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipscat.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_btn-back-over-select.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0287417.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR49F.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\GFX.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\NAMECONTROLSERVER.EXE 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\PICTPH.POC 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\sv\LC_MESSAGES\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Seyes.emf 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Resolute 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Antarctica\DumontDUrville 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\RECS.ICO 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\BG_ADOBE.GIF 403a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\rssLogo.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\dialogs\equalizer_window.html 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libremap_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi422_yuy2_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MSTORES.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\en-US\msaddsr.dll.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\libEGL.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\IpsMigrationPlugin.dll 403a1s0ssssd7da.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\NavigationUp_SelectionSubpicture.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-actions.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107264.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\combo-hover-left.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\web\webbase.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\BREEZE\PREVIEW.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsMainToNotesBackground.wmv 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\button_mid_over.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\FormsBlankPage.html 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\wab32res.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Internet Explorer\ieinstal.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derby.war 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Dubai 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD14845_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ACEDAO.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-core-io-ui.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH01618_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\IN00957_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CONVERT\PAB.SAM 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-profiler_zh_CN.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE03464_.WMF 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\TextConv\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\83.0.4103.106.manifest 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Media Player\en-US\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Internet Explorer\SIGNUP\install.ins 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.components.ui_5.5.0.165303.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Cambridge_Bay 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0145904.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\Network Sharing\wmpnss_bw48.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\ado\msado28.tlb 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\my\LC_MESSAGES\vlc.mo 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_blue_sun.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\numbers.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\ED00019_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\Bibliography\BIBFORM.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\3082\MSO.ACL 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\SoftBlue\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office.en-us\OfficeMUI.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.w3c.dom.events_3.0.0.draft20060413_v201105210656.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0240157.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR31B.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Data.Linq.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0200467.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0281904.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\Sounds\Places\TOOT.WAV 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\core\locale\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-swing-plaf_ja.jar 403a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\js\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsViewAttachmentIcons.jpg 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Defender\MpAsDesc.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\9.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\WATERMAR\THMBNAIL.PNG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-options-keymap.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\plugin2\msvcr100.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0195788.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0241019.WMF 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\plugins\access_output\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\1033\MSOINTL.REST.IDX_DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD01657_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0182902.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00152_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18194_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\WPULQT98.POC 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\ospintl.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\SOCIALPROVIDER.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\requests\vlm_cmd.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_10_p010_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\info.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_mr.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\base_rtl.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\servertool.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0151041.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00212_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\WB02085_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\base-undocked-4.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\META-INF\ECLIPSE_.RSA 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\MST 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\DocumentShare\WSSFilesToolHomePageBackground.jpg 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PROOF\MSTH7EN.LEX 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_en.dll 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\fi\LC_MESSAGES\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\FAX\MedianFax.Dotx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Gambier 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\WB00516L.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0302827.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\FORM.JS 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\NVBELL.NET.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\SONORA\PREVIEW.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\RECYCLE.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Equity.thmx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18234_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\ProjectTool\Project Report Type\Fancy\PLUS.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows NT\Accessories\en-US\wordpad.exe.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\icons\console_view.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.extensionlocation_1.2.100.v20131119-0908.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Concourse.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveDocumentReview\MarkupIconImages.jpg 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_right_disabled.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\TN00018_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR31F.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Internet Explorer\en-US\iedvtool.dll.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\tnameserv.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\security\blacklist 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0292286.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE00542_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH03014_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PARNT_06.MID 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Solutions_Response.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\CANYON\CANYON.ELM 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\San_Juan 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Inuvik 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02126_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.en_US.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02069J.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01740_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\ONINTL.DLL.IDX_DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\am.pak 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\index.html 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\icon.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_rainy.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Help\msitss55.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT+8 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\feedbck2.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0212219.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGMN090.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Yakutsk 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Lord_Howe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-autoupdate-cli_zh_CN.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\cy.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\ESEN\MSB1ESEN.ITS 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\flower_PreComp_MATTE_PAL.wmv 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\SpecialNavigationUp_SelectionSubpicture.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Gaza 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Port_Moresby 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00200_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\en-US\wmpnscfg.exe.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\photoedge_videoinset.png 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\wa\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\bNext-down.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Updater.api 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\BS4BOXES.POC 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\1.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Internet Explorer\ielowutil.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\sonicsptransform.ax 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN00853_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01186_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107512.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\BS53BOXS.POC 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\BOLDSTRI\BOLDSTRI.ELM 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Internet Explorer\MemoryAnalyzer.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\INFOMAIL.CFG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Mail\MSOERES.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\triangle.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-core-startup.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR35F.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\MessageHistoryIconImages.jpg 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\tet\LC_MESSAGES\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-last-quarter.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\CERT.DPV 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\en-US\msadcer.dll.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\BOLDSTRI\BOLDSTRI.INF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Kabul 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\SystemV\EST5 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02746G.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\STSLISTI.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0239951.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\18.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\jfr\profile.jfc 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0382961.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SL00308_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\PowerPoint.en-us\SETUP.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0198021.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\TN00218_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01304G.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Swirl\TAB_OFF.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\CMap\Identity-V 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\PublicAssemblies\System.AddIn.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Berlin 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Vilnius 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0102002.WMF 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\es\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_cloudy.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Internet Explorer\F12Tools.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Windhoek 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\fr-FR\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.core_5.5.0.165303\feature.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Scoresbysund 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Triedit\en-US\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Internet Explorer\ielowutil.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.publisher.eclipse.nl_zh_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Javascripts\JSByteCodeWin.bin 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\weblink.api 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_double_bkg.png 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Document Parts\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\BrightOrange\tab_on.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\ka.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Indian\Cocos 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\flavormap.properties 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH01291_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01164_.WMF 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\lib\deployed\jdk15\windows-amd64\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02417U.BMP 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21300_.GIF 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\ICU\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\requests\status.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\slideShow.html 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\ta.pak 403a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\va.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\org-netbeans-lib-uihandler.xml_hidden 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Boise 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0215710.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Metro.eftx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.http.jetty_3.0.200.v20131021-1843.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099180.WMF 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\tl\LC_MESSAGES\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\ICELAND.TXT 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\reveal_down.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL082.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSPTLS.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-autoupdate-services_ja.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Nicosia 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02423_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\SECURL.ICO 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Sitka 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Baghdad 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\OriginLetter.Dotx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\RedistList\FrameworkList.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME16.CSS 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\rtf_pressed.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\en-US\sqlxmlx.rll.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Peacock.htm 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.net.nl_zh_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Africa\Nairobi 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0222019.WMF 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\icon.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Ashgabat 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.win32.nl_ja_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BOATINST.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105298.WMF 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\ckb\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\css\main.css 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\VBA\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\OOFTMPL.CFG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MSOUTL.OLB 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\CHECKER.POC 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libblendbench_plugin.dll 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\eu\LC_MESSAGES\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-swing-plaf.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Indian\Mahe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0149118.JPG 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\SATIN\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Stucco.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\lib\pop3.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-editor-mimelookup.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MEDIA\ARROW.WAV 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libaccess_wasapi_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\msdaora.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\MEIPreload\preloaded_data.pb 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\en-US\sbdrop.dll.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\InputPersonalization.exe.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_notes-txt-background.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Manila 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0212299.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\REVERSE.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\LightSpirit.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MEDIA\CHIMES.WAV 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\de\LC_MESSAGES\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\StopInstall.cab 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\main.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\NavigationUp_SelectionSubpicture.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0171685.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Aspect.thmx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\TEAROFF.POC 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\mr\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\DEEPBLUE\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\ext\sunjce_provider.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SL01041_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Stationery\1033\OFFISUPP.HTM 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\FOLDPROJ.XML 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\bs\LC_MESSAGES\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\oc\LC_MESSAGES\vlc.mo 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\boxed-correct.avi 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\JAWTAccessBridge-64.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01629_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE02288_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\TR00172_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\skins\default.vlt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\BZCARD11.POC 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.Extensions.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\fi.pak 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\1047x576black.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0101856.BMP 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\OOFS.ICO 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\oc\LC_MESSAGES\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\logo.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\FAX\OriginFax.Dotx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\42.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\CST6CDT 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\LICENSE 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-snaptracer_zh_CN.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Atlantic\Stanley 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\EssentialResume.dotx 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\PublicAssemblies\Microsoft.VisualStudio.Tools.Applications.Adapter.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_box_bottom.png 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\sl-SI\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\Buenos_Aires 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00390_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105710.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0382930.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15272_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\wmpconfig.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VBA\VBA7\1033\VBENDF98.CHM 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\core\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02062U.BMP 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Civic.thmx 403a1s0ssssd7da.exe File created C:\Program Files\Mozilla Firefox\browser\features\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.help.base.nl_zh_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\lt\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\IpsMigrationPlugin.dll.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\NavigationRight_ButtonGraphic.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Push\NavigationRight_SelectionSubpicture.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NBOOK_01.MID 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MSCOL11.PPD 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\sv\LC_MESSAGES\vlc.mo 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Title_Page_Ref.wmv 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx.ui_5.5.0.165303.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Santa_Isabel 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14693_.GIF 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\Computers\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Indian\Kerguelen 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\38.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\Microsoft.Ink.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02386_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15173_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Bibliography\Style\GostTitle.XSL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\INDUST\PREVIEW.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\NETWORK\NETWORK.ELM 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.mbeanbrowser.ja_5.5.0.165303.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-sendopts.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107024.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsPrintTemplate.html 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\GrayCheck\TAB_ON.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.COM.MY.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\SegoeChess.ttf 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\BriefcaseIconMask.bmp 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\ExecutiveReport.dotx 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\navBack.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\winClassicHandle.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0188513.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0196364.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01358_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ADDINS\MSOSEC.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-waning-gibbous.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_zh-TW.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-uihandler.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Mexico_City 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21306_.GIF 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Templates\1033\ONENOTE\14\Notebook Templates\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\default-browser-agent.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\FAX\OrielFax.Dotx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\ONENOTE\14\Stationery\ACADEMIC.ONE 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\custom.lua 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACEES.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_zh_CN.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\include\win32\jni_md.h 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\security\javaws.policy 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\BrightOrange\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\images\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Baghdad 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.operations.nl_ja_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\EAST_01.MID 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099188.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Casual.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\Discussion\DiscussionToolIconImages.jpg 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\LABEL98.POC 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\an\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\sr-spc.txt 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\14\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\plugin.properties 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\jce.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02388_.WMF 403a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\en-US\js\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\diner_m.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\whitemask1047.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Guayaquil 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\MedianReport.Dotx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\square_settings.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_foggy.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\MountImport.001 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\ko.pak 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.rcp.feature_1.2.0.v20140523-0116\META-INF\MANIFEST.MF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ql.nl_zh_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152622.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Stationery\1033\CURRENCY.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\22.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\6.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.felix.gogo.runtime_0.10.0.v201209301036.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD00234_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SPACE_01.MID 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ADDINS\OUTLVBA.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\SCNPST64.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-bg_glass_100_fdf5ce_1x400.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_splitter\libpanoramix_plugin.dll 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\VSTA\8.0\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\ssv.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Atlantic\Reykjavik 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-autoupdate-cli.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\REMINDER.WAV 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Stationery\1033\SEAMARBL.HTM 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\chrome.dll.sig 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyMainToNotesBackground_PAL.wmv 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\ModuleAutoDeps\org-openide-util.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21533_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Journal\en-US\jnwmon.dll.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SY01590_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Biscay\TAB_ON.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\ONENOTE\14\Stationery\PLANNERS.ONE 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.core.feature_1.3.0.v20140523-0116\META-INF\MANIFEST.MF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\cmm\PYCC.pf 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\THIRDPARTYLICENSEREADME-JAVAFX.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0153516.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE00934_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-keyring-fallback_ja.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-lib-profiler-ui_ja.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02567J.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00017_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\updater.exe 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Microsoft Office\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derby.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.frameworkadmin.nl_zh_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099159.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00917_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD10289_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\circleround_videoinset.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Defender\MsMpRes.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\STSUPLD.DLL 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\en-US\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\et.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH01015_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099148.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\bg_LightSpirit.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\NEWS98.POC 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\bg-desk.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\Ole DB\xmlrwbin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\directshowtap.ax 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.flightrecorder.ui.ja_5.5.0.165303.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD00414_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0382963.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\diner_m.png 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\System\Ole DB\en-US\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\HandPrints.jpg 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\BLENDS\THMBNAIL.PNG 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\cy\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libftp_plugin.dll 403a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\in_sidebar\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\Sounds\Places\BUZZ.WAV 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OneNote\SendToOneNote.gpd 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\PS9CRNRH.POC 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipsita.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SceneButtonSubpicture.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.registry_3.5.400.v20140428-1507.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0101858.BMP 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Swirl.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Windows.Presentation.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\NAVBRPH2.POC 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\modules\sandbox.luac 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\WMPSideShowGadget.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0278702.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0291984.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLED.EXE 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\OrangeCircles.jpg 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\RELEASE-NOTES.html 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-host-views.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107544.WMF 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Legal\ENU\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\SpeechEngines\Microsoft\TTS20\en-US\MSTTSLoc.dll.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\PassportMask_PAL.wmv 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\prodicon.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-favorites.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\Gadget_Waitcursor.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\el.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libfilesystem_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\en-US\enu-dsk\M1033DSK.TTS 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_search_over_BIDI.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\InkDiv.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACER3X.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-last-quarter_partly-cloudy.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ENGIDX.DAT 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\AlertImage_OffMask.bmp 403a1s0ssssd7da.exe File opened for modification C:\Program Files\UpdateUnprotect.m4a 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\CANYON\CANYON.INF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\fonts\LucidaSansRegular.ttf 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02413_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\1033\CAGCAT10.MML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR33B.GIF 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\in_sidebar\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\logo.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\grayStateIcon.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libh26x_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\usa03.hsp 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\WISC30.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BS01603_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099176.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Composite.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\BabyBlue\BUTTON.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Clarity.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\Sounds\People\COUGH.WAV 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\NAME.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\Microsoft.VisualC.STLCLR.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_pt-BR.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0341551.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SY00882_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\SIDBAR98.POC 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\kn\LC_MESSAGES\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\diner_s.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\ReviewRouting_Review.xsn 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\BS2BARB.POC 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\uninstall.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\TipRes.dll.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\IRIS\IRIS.ELM 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Full\NavigationRight_ButtonGraphic.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\btn-back-static.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR29B.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\6.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\css\slideShow.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\ENU\VDK10.STP 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleUpdateComRegisterShell64.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\OCLTINT.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MSTORDB.EXE 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL087.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\next_down.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-core.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Fortaleza 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Yakutsk 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR2F.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR8B.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\Microsoft.Build.Engine.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\turnOnNotificationInAcrobat.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\1047x576_91n92.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE00898_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\J0115864.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\GrayCheck\HEADER.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Pitchbook.potx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\.lastModified 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Analysis Services\AS OLEDB\10\msolui100.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\ED00172_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\square.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_ur.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\include\win32\bridge\AccessBridgeCalls.h 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0386270.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10298_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\nb\LC_MESSAGES\vlc.mo 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\plugins\meta_engine\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libasf_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\WMPDMCCore.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\info.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Rainy_River 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD02071_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Aspect.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\OUTLOOK.HOL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\GREETING.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\WinFXList.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.flightrecorder.controlpanel.ui_5.5.0.165303.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\java.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.COM.SG.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\AddInViews\Microsoft.Office.Tools.v9.0.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\attention.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGSIDEBR.DPV 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\AddInSideAdapters\Microsoft.VisualStudio.Tools.Office.Excel.AddInAdapter.v9.0.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BD09031_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01146_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107154.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\OMSINTL.DLL.IDX_DLL 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\ProjectTool\Project Report Type\Basic\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00648_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libmono_plugin.dll 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\uk-UA\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Genko_1.emf 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\GreenBubbles.jpg 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\deploy\ffjcext.zip 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\MET 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-io.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\EXCEL.DEV.HXS 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\BrightOrange\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\IMAGE.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Earthy.css 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\en-US\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\msoshext.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-openide-util-enumerations.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\TN01165_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0199036.WMF 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\es\LC_MESSAGES\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\rss_headline_glow_floating.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\nb-NO\tipresx.dll.mui 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\System\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\mainscroll.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\TN00246_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\30.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\js\picturePuzzle.js 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\can.hyp 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0280468.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\BORDERS\MSART7.BDR 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\XLSTART\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGCOUPON.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Journal\NBMapTIP.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\jconsole.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\SystemV\PST8PDT 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0196110.WMF 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Triedit\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\trad_m.png 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\co\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\in_sidebar\bg_sidebar.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\MS.JPG 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\NavigationLeft_ButtonGraphic.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Dushanbe 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\CLIPART\PUB60COR\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.contenttype_3.4.200.v20140207-1251.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.director.nl_zh_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152890.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\viewSelectionChanged.js 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\MinionPro-Bold.otf 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\security\java.policy 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\html\cpyr.htm 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.console_1.0.300.v20131113-1212.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\PICCAP98.POC 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\SETLANG.EXE 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\db\bin\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\fonts\LucidaSansDemiBold.ttf 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01237_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\OPHPROXY.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Campo_Grande 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\server\classes.jsa 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\en-US\js\settings.js 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.ecore_2.10.1.v20140901-1043\epl-v10.html 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Kathmandu 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Workflow.Activities.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_divider_left.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_close_over.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_ja_4.4.0.v20140623020002\feature.properties 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\RSSITEM.CFG 403a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\VisualElements\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\ink\en-US\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Microsoft Visual Studio 8\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Cairo 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-core_ja.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\EXPTOOWS.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME44.CSS 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\TWRECS.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Novosibirsk 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-lib-profiler_ja.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0232393.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Tanspecks.jpg 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\ssv.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ADDINS\OUTEX.ECF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\NEWS.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\SIDEBARVERTBB.DPV 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\TextConv\RECOVR32.CNV 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\WEBPAGE.DPV 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-swing-tabcontrol.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE00833_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD14516_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\IPIRM.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-masterfs_zh_CN.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0151073.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Desktop.ini 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0382958.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR19F.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\JP2KLib.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.NO.XML 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\144DPI\(144DPI)redStateIcon.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACERCLR.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-spi-actions.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\org-netbeans-modules-spi-actions.xml_hidden 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-attach.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\PicturesToolIconImagesMask.bmp 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins3d\prc\MyriadCAD.otf 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\ado\en-US\msader15.dll.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\cs.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105360.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libripple_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\rings-dock.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\drag.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02736U.BMP 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15022_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\BabyBlue.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.core.commands.nl_zh_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-io.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Bogota 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT-9 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD00414_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Journal\Templates\Music.jtp 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\setup_wm.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\VDK10.LIC 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\MENUS.JS 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\reviews_joined.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipshrv.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\NavigationLeft_SelectionSubpicture.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Khartoum 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0198447.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\TR00116_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\NavigationRight_SelectionSubpicture.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME20.CSS 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.Abstractions.dll 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGMN001.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGMN097.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099203.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\PNCTUATE.POC 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libaudio_format_plugin.dll 403a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\css\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_single.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PROOF\MSHY7ES.LEX 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\ReadOutLoud.api 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\PresentationFramework.Aero.dll 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\pt-BR\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Lime\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR33F.GIF 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\Certificates\groove.net\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolIcons\OutSyncPC.ico 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\EMAILMOD.POC 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ta\LC_MESSAGES\vlc.mo 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\1028\hxdsui.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\server\jvm.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-lib-profiler-charts_ja.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-jmx.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\cmm\GRAY.pf 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\msdaprst.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\NAVBAR11.POC 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\RTFHTML.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\xul.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Macau 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\config\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AG00164_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\EXCEL.DEV_F_COL.HXK 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGNAVBAR.DPV 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\novelty_m.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\GreenTea.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\FAX\UrbanFax.Dotx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\43.png 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Word.en-us\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-profiler.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Marquesas 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00923_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00942_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\bNext-hot.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\EXPEDITN\EXPEDITN.INF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\fonts\LucidaTypewriterBold.ttf 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Riyadh89 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ui.sdk.scheduler.nl_zh_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Multimedia\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_rainy.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_specialocc_Thumbnail.bmp 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.DirectoryServices.AccountManagement.dll 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\uz\LC_MESSAGES\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_gu.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\shuffle_up.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\msadc\handsafe.reg 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.views.nl_ja_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\t2k.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\Shared16x16Images.jpg 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MORPH9.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0187835.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\RESENDS.ICO 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\gd\LC_MESSAGES\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_search_up.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN04385_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BD00146_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\BROCHURE.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MEDIA\EXPLODE.WAV 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGMN058.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libadpcm_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.simpleconfigurator.nl_ja_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH00084_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01149_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE00686_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSQRY32.CHM 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Web Server Extensions\14\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\LICLUA.EXE 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\rtstreamsink.ax 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\PDDom.api 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\UserControl.zip 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0149407.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14792_.GIF 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\BabyBlue\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Antarctica\Vostok 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0196358.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0239941.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\14.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\CNFNOT.CFG 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Oasis\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\bg_GreenTea.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\eu.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Maceio 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes.nl_ja_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0233992.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\GreenTea.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\plugin-container.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\144DPI\(144DPI)alertIcon.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL077.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGMAIN.XML 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\css\blafdoc.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Kentucky\Monticello 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0182888.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\rtf_italic.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE00014_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21366_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\AlertImage_AutoMask.bmp 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1033\MSOINTL.DLL.IDX_DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office.en-us\OCT.CHM 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Samara 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.databinding.beans.nl_ja_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0382957.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\qipcap64.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Workflow.Runtime.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\ku.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Adjacency.eftx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18184_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\mscss7fr.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\add_over.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\license.html 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\deploy\messages_zh_CN.properties 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0102984.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14791_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\VisualElements\SmallLogoBeta.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Defender\en-US\MpAsDesc.dll.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\tile_bezel.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\4to3Squareframe_Buttongraphic.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15060_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15168_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Solutions_Generic.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\usa03.ths 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\ct.sym 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR22F.GIF 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\default_apps\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Internet Explorer\ieinstal.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR50B.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ro\LC_MESSAGES\vlc.mo 403a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\7-zip32.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\ARCTIC\THMBNAIL.PNG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\CST6 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HM00114_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH01046J.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office32.en-us\Office32MUI.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\NavigationLeft_ButtonGraphic.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\ChessIconImagesMask.bmp 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Adobe\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_foggy.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.model.workbench_1.1.0.v20140512-1820.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01152_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\Network Sharing\wmpnss_bw48.bmp 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Annotations\Stamps\ENU\SignHere.pdf 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Search5.api 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT+8 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Couture.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CONVERT\DESKSAM.SAM 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\PUBWIZ\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\da\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MSOCF.DLL 403a1s0ssssd7da.exe File created C:\Program Files\Windows Media Player\Skins\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libcache_read_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\performance.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Notes_LOOP_BG.wmv 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Halifax 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21421_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD21336_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\CGMIMP32.FLT 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Genko_2.emf 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\1047x576black.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0153313.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18197_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\Visualizer.zip 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.core_5.5.0.165303\feature.properties 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.nl_ja_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-progress-ui.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\plugin.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BD07804_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-io_ja.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107192.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\js\main.js 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\rtf_decreaseindent.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-full_partly-cloudy.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-full_partly-cloudy.png 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\BLENDS\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-openide-execution.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\ext\localedata.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00170_.WMF 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00221_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18242_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\mset7es.kic 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Help\ITIRCL55.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Antarctica\Vostok 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152570.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PARNT_01.MID 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SL00286_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\en-US\js\highDpiImageSwap.js 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\SYMBOL.TXT 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\VSTOInstaller.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\en-US\msdaprsr.dll.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows NT\TableTextService\TableTextService.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Access.en-us\AccessMUI.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\1047x576black.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\policytool.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00273_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PROOF\MSTH7ES.DLL 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\INDUST\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\pack200.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME15.CSS 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\MSInfo\en-US\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\1.7\Microsoft.Ink.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.AddIn.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\javafxpackager.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Foundry.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\INFOPATH.HXS 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\bs\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\api-ms-win-core-timezone-l1-1-0.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\WANS.NET.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\ApothecaryNewsletter.dotx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx.ja_5.5.0.165303.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\locale\org-openide-util_ja.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Atlantic\Faroe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BS00444_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107728.WMF 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Swirl\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OLKFSTUB.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyNotesBackground_PAL.wmv 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.metadata.repository.nl_ja_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BD08808_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0382938.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02022_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\msadc\msdaremr.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.browser.zh_CN_5.5.0.165303.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0183172.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02051_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\PROG98.POC 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Synchronization Services\ADO.NET\v1.0\Microsoft.Synchronization.Data.Server.dll 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\zh-CN\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Taipei 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\license.html 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-dialogs_ja.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0382960.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\wlsrvc.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\en-US\TipBand.dll.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\tiptsf.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14528_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\INFOPATH_COL.HXC 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\intf\luac.luac 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\MSClientDataMgr\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\PROFILE\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\title_trans_notes.wmv 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Eirunepe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\winXPTSFrame.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_box_bottom.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\NavigationLeft_SelectionSubpicture.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\Media Renderer\DMR_120.jpg 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\NamedURLs.HxK 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_single.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access_output\libaccess_output_livehttp_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\8.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\rt.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0301432.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01300_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MAPIR.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ONENOTEMANAGED.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\FormsPrintTemplateRTL.html 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-queries.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-api-search.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0282126.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0387337.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21480_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099205.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00603_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18248_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21377_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_box_right.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages.properties 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.simpleconfigurator_1.1.0.v20131217-1203.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH01058_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\images\cursors\cursors.properties 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\tzmappings 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4_classic_winxp.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Mail\wab.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\configuration\config.ini 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-attach.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\jp2launcher.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Argentina\Rio_Gallegos 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN00010_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Stationery\1033\JUDGESCH.HTM 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\icon.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGMN105.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\mn.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Connectivity.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jsadebugd.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jetty.server_8.1.14.v20131031.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-heapdump.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\logo.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Mail\WinMail.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\EDGE\PREVIEW.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Bibliography\Style\SIST02.XSL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\BrightOrange\TAB_OFF.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\STORYBB.POC 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\crashreporter.ini 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0106572.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01130_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\J0115863.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\SoftBlue\background.gif 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\Smart Tag\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\rollinghills.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rcp.application_5.5.0.165303.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00262_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0086432.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02356_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Swirl.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Legal\ENU\license.html 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\VERSION.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\update_tracking\org-netbeans-modules-profiler-selector-ui.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0101857.BMP 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00444_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\rss_headline_glow_flyout.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_smem_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\diner_settings.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.help.ui.nl_ja_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-multitabs_zh_CN.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Winnipeg 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00486_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsPreviewTemplate.html 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Google\Chrome\Application\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH00235_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0285796.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\ONENOTE_K_COL.HXK 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\rtf_hyperlink.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\TraceUnblock.vsw 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CONVERT\1033\DELIMR.FAE 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\FormsViewAttachmentIcons.jpg 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Microsoft.Office.Interop.InfoPath.Xml.xml 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\it-IT\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\bookicon.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ecf.provider.filetransfer.httpclient4_1.0.800.v20140827-1444.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.nl_zh_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Blanc-Sablon 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD10358_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\EXCEL_COL.HXC 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\40.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\fi.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPREARM.EXE 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\org-openide-options.xml_hidden 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Argentina\La_Rioja 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15277_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_no.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD10290_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\OIS_K_COL.HXK 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\SCDRESPL.ICO 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\ESEN\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\ESEN\MSB1ESEN.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Zurich 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\VERSION.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0290548.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\crashreporter.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\ado\adovbs.inc 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\oledbvbs.inc 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\FormsImageTemplate.html 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Microsoft.BusinessData.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\mscss7cm_fr.dub 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0174635.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02829J.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD21320_.GIF 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Document Parts\1033\14\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\CONTACT.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\control\libgestures_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_divider_left.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\3.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\TextConv\WPFT632.CNV 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21337_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\PULLQUOTEBB.DPV 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Synchronization Services\ADO.NET\v1.0\Microsoft.Synchronization.Data.SqlServerCe.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\keystore\libmemory_keystore_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Pago_Pago 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\com.jrockit.mc.rjmx.attributeTransformation.exsd 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.batik.util.gui_1.7.0.v200903091627.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-sampler.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\XLLEX.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Regina 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\HST 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\Ole DB\msdaps.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_btn-previous-over-select.png 403a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\css\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\corner.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\EXCEL.DEV_K_COL.HXK 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\ApothecaryResume.dotx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\af\LC_MESSAGES\vlc.mo 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.resources_3.9.1.v20140825-1431.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-host.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD00448_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0318810.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10301_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Journal\Journal.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe\Updater6\AdobeUpdater.cer 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\ado\adojavas.inc 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\include\win32\jawt_md.h 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\security\blacklist 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE05869_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\CONTACT.CFG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\Network Sharing\ConnectionManager.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ks_IN\LC_MESSAGES\vlc.mo 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\bPrev-disable.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\en-US\enu-dsk\M1033DSK.LTS 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipscsy.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages_fr.properties 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\form_edit.js 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\PS10TARG.POC 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\lua\meta\art\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\content-foreground.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.core.feature_1.3.0.v20140523-0116\META-INF\ECLIPSE_.SF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0086424.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Foundry.eftx 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\Discussion\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGPUNCT.DPV 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft SQL Server Compact Edition\v3.5\Desktop\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\descript.ion 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\CASCADE\PREVIEW.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VC\msdia100.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Tijuana 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00808_.WMF 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\en-US\enu-dsk\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows NT\TableTextService\en-US\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked-loading.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACECORE.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\delete_up.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\SPRING\SPRING.INF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD21315_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR48F.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\BZCD98SP.POC 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-last-quarter.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libreal_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-waning-crescent.png 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\IEAWSDC.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Civic.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10297_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\DISTLSTL.ICO 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Orange Circles.htm 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.rcp_4.4.0.v20141007-2301\META-INF\MANIFEST.MF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-uisupport.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR7B.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\rss_headline_glow_flyout.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.common_5.5.0.165303.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\La_Paz 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0186364.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\services_discovery\libsap_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_display_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DebugEnter.mp3 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-modules.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH02312_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\AlertImage_ContactHighMask.bmp 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\misc\libfingerprinter_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\17.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\bod_r.TTF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01354_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\ChessIconImages.bmp 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGWEBAD.XML 403a1s0ssssd7da.exe File created C:\Program Files\Windows Media Player\Network Sharing\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Analysis Services\AS OLEDB\10\Resources\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\MP00646_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH01332U.BMP 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH01461_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0239953.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0222015.WMF 403a1s0ssssd7da.exe File created C:\Program Files\Mozilla Firefox\browser\VisualElements\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\activity16v.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SL00256_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR12F.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\playlist\liveleak.luac 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\delete.avi 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Noumea 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\javax.el_2.2.0.v201303151357.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Africa\Abidjan 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD00779_.WMF 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\Adobe\Help\en_US\Adobe Reader\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Media Player\en-US\wmplayer.exe.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\month.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_gray_foggy.png 403a1s0ssssd7da.exe File created C:\Program Files\Java\jre7\lib\zi\America\Argentina\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\STS2\TAB_ON.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\MedianLetter.Dotx 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\uk\LC_MESSAGES\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\OmdProject.dll 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107488.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00913_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Hardcover.thmx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14692_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\SaveDisable.potm 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Annotations\Stamps\ENU\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\tipresx.dll.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\include\jvmticmlr.h 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0281008.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PROOF\MSSP7FR.LEX 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libdemux_stl_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.WorkflowServices.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libsharpen_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Management.Instrumentation.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\RICHED20.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\ado\msadox.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\GetResize.tif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Antarctica\Macquarie 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\UrbanResume.Dotx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Pyongyang 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01472_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSTORE_F_COL.HXK 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\ODeploy.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\flower_trans_rgb.wmv 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Title_Page_Ref_PAL.wmv 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\security\local_policy.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Monterrey 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ONPPTAddin.dll 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\hr\LC_MESSAGES\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files\Windows Media Player\Icons\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\pipres.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\images\dialdot.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Push\NavigationUp_ButtonGraphic.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PRRT.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME23.CSS 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR44B.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.CO.ID.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Americana.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Garden.htm 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\NextMenuButtonIcon.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\FindRead.aifc 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.greychartplugin_5.5.0.165303.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0179963.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Flow.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MEDIA\COIN.WAV 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\api-ms-win-crt-convert-l1-1-0.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\management\jmxremote.password.template 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152558.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0178459.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0215070.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01123_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\en-US\clock.html 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Mail\wabmig.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\AdjacencyLetter.dotx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\gu.txt 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\CAPSULES\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Full\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Baku 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\icons\new-trigger-wiz.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0202045.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Opulent.xml 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\ne\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\si.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\OmdBase.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Internet Explorer\iexplore.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\larrow.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD01084_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libscte18_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0187849.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\server_issue.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\La_Rioja 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\mscss7wre_fr.dub 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\SetupMetrics\20200616092334.pma 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\COMPASS\PREVIEW.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.intro_3.4.200.v20130326-1254.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Smart Tag\LISTS\1033\TIME.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\ExitJoin.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\AUDIOSEARCHMAIN.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\CALSO11.POC 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\reveal_rest.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\play_down.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\License.txt 403a1s0ssssd7da.exe File created C:\Program Files\Internet Explorer\images\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.css.swt.theme.nl_ja_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Office Classic 2.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Sts2.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Andorra 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\InformationIconMask.bmp 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\bg_OliveGreen.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libspeex_resampler_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\Network Sharing\wmpnss_color120.jpg 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\nn\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH01329_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0384885.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Paper.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR47F.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBBA\MSPUB1B.BDR 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00395_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18203_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\BG_ADOBE.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\11.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\tpcps.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Swift_Current 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.ecore_2.10.1.v20140901-1043\license.html 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-queries_zh_CN.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02390_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Urban.thmx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.ServiceModel.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\org-netbeans-modules-profiler_visualvm.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105912.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0199609.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\Certificates\Verisign\Components\VS_ComponentSigningIntermediate.cer 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\api-ms-win-crt-private-l1-1-0.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10268_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MML2OMML.XSL 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\VSTOInstaller.config 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\RIPPLE\PREVIEW.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\LightBlueRectangle.PNG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01627_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE00013_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE05930_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\images\dial_lrg_sml.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\8.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\NavigationRight_ButtonGraphic.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\New_York 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\org-netbeans-core_visualvm.jar 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\IDTemplates\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\PublicAssemblies\Microsoft.VisualStudio.Tools.Applications.DesignTime.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\2.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\ado\msado27.tlb 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\layers.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR46F.GIF 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\skins\fonts\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_blue_windy.png 403a1s0ssssd7da.exe File created C:\Program Files\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\SUMIPNTG\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages_ja.properties 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\images\cursors\win32_MoveDrop32x32.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\THIRDPARTYLICENSEREADME.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Jamaica 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\ECLIPSE\ECLIPSE.INF 403a1s0ssssd7da.exe File created C:\Program Files\Java\jre7\lib\zi\America\North_Dakota\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\LoginDialogBackground.jpg 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\ml\LC_MESSAGES\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0214098.WAV 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MSO0127.ACL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libdemuxdump_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\micaut.dll.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\SpeechEngines\Microsoft\TTS20\MSTTSCommon.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\unpack200.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.rcp_4.4.0.v20141007-2301\feature.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0187839.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_rgb_mmx_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\msolui100.dll 403a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\highlight.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Glace_Bay 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152894.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME17.CSS 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\BG_ADOBE.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\SAVE.GIF 403a1s0ssssd7da.exe File created C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\RedistList\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Chihuahua 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD00438_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107342.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0382939.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Apex.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\AcroForm\PMP\AdobePDF417.pmp 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Photo Viewer\ImagingEngine.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\7-zip.chm 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Beige.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME18.CSS 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\bg_TexturedBlue.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\extensions\VLSub.luac 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\icons\send-email-16.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0285780.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14871_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME29.CSS 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\mscss7wre_en.dub 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_gray_foggy.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\it.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Antarctica\DumontDUrville 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD00405_.WMF 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Sync Framework\v1.0\Runtime\x64\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\Adobe\Updater6\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Adobe.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libsmb_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\vi.pak 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.osgi_3.10.1.v20140909-1633.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD02115_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0157177.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR5F.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\QUERIES\MSN MoneyCentral Investor Stock Quotes.iqy 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\javaws.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00148_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\New_Skins.url 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD02088_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSTORE_K_COL.HXK 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\OrielLetter.Dotx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\lij.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\photoedge_buttongraphic.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\NavigationRight_ButtonGraphic.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Paramaribo 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\ext\access-bridge-64.jar 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\ta\LC_MESSAGES\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15134_.GIF 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\gl\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Defender\MpCommu.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MUOPTIN.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\images\cursors\win32_MoveNoDrop32x32.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.common_2.10.1.v20140901-1043\META-INF\ECLIPSE_.RSA 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\dark\e4-dark_basestyle.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-application-views_ja.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\WMPNSSUI.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\en-US\enu-dsk\M1033DSK.IDX 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Internet Explorer\en-US\jsdbgui.dll.mui 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Media Player\WMPDMC.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Menominee 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Opulent.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libtextst_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_snow.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\form_responses.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libinflate_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\info.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\server_lg.gif 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.rcp.product_5.5.0.165303\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Hermosillo 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\EXITEMS.ICO 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Biscay\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\maintenanceservice.exe 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\ta\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\misc\libvod_rtsp_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Shorthand.emf 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Casablanca 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Australia\Darwin 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN02724_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Desert\HEADER.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.ComponentModel.DataAnnotations.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\combo-hover-left.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Mozilla Maintenance Service\logs\maintenanceservice-install.log 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\flower_trans_RGB_PAL.wmv 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0151047.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02441_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\excelcnv.exe 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\et\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\rtf_alignright.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\sr\LC_MESSAGES\vlc.mo 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waxing-crescent_partly-cloudy.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\NavigationUp_SelectionSubpicture.png 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\bin\server\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Iqaluit 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0240291.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME33.CSS 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\add_reviewer.gif 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\cy\LC_MESSAGES\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\plugin-hang-ui.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Csi.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Mexico_City 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Karachi 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Atlantic\Bermuda 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN04225_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\SECURE.CFG 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_hail.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH01875_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\Calendar\GlobeButtonImage.jpg 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\ERROR.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\MeetingIconMask.bmp 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolIcons\WSS.ICO 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Nassau 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PAPER_01.MID 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME09.CSS 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\SOCIALCONNECTOR.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\LISTBOX.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Argentina\Tucuman 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN00932_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Solstice.thmx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21519_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\EADOCUMENTAPPROVAL_REVIEW.XSN 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyScenesBackground_PAL.wmv 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SY00795_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ADDINS\MSOSEC.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\spu\libremoteosd_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\conticon.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0251301.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\FormsPreviewTemplateRTL.html 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\SIDEBARBB.POC 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE02169_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CONVERT\1033\OLJRNLR.FAE 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBBA\MSPUB2A.BDR 403a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\ug.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\FREN\MSB1FREN.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.jdp_5.5.0.165303.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ql.nl_ja_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107480.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGDOTS.DPV 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_nl.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Concourse.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0234131.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\EADOCUMENTAPPROVAL_INIT.XSN 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACEWSS.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\203x8subpicture.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.diagnostic.zh_CN_5.5.0.165303.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105638.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\WB02198_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSACCESS.DEV.HXS 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\tr\LC_MESSAGES\vlc.mo 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\flower_settings.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_divider_left.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-queries.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105230.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\TN00211_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\FormsFormTemplate.html 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\XOCR3.PSP 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\SettingsInternal.zip 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\plugin2\msvcr100.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Swirl\tab_off.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\POSTCARD.DPV 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\defaults\pref\channel-prefs.js 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\AppConfig.zip 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\DataType\Address.accft 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-waxing-crescent_partly-cloudy.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\fontconfig.properties.src 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\META-INF\eclipse.inf 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-api-visual_zh_CN.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Tbilisi 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\browser\omni.ja 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\feature.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\bg_LightSpirit.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libtcp_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libaes3_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\VisualElements\SmallLogoCanary.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\baseAltGr_rtl.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099155.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0287642.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0300912.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR14F.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-waxing-crescent.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSACCESS.DEV_COL.HXC 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\TASKACCL.ICO 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.DE.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Kiev 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Creston 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Bishkek 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH00276_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107468.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Office Word 2003 Look.dotx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\css\RSSFeeds.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.forms.nl_zh_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0153398.WMF 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\BORDERS\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR16F.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGMARQ.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\ktab.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\ext\access-bridge-64.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.artifact.repository_1.1.300.v20131211-1531.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-modules-startup.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE00485_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\el-GR\tipresx.dll.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01297_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\can32.clx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\ro.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\bg_SlateBlue.gif 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\XML Files\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_mixer\libinteger_mixer_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\msdaps.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Postage_VideoInset.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Internet Explorer\en-US\iexplore.exe.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Indian\Chagos 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0187863.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR6B.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\flavormap.properties 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE03451_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PROOF\3082\MSGR3ES.DLL 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\plugins\stream_extractor\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\RedistList\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Urban.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\BrightOrange.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Media Player\wmpnssci.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4_default_mac.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-keyring-fallback.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0177257.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0195428.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0239191.WMF 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office.en-us\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\CET 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099201.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\IPOLK.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\MSBuild\Microsoft\Windows Workflow Foundation\v3.0\Workflow.VisualBasic.Targets 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_corner_bottom_right.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.databinding.observable.nl_zh_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-api_ja.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\PACBELL.NET.XML 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\ms\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Defender\MpSvc.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-keyring_zh_CN.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH00524_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\GrayCheck\HEADER.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\TexturedBlue.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Media Player\en-US\mpvis.dll.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Stockholm 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE03339_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\InfoPathOM\InfoPathOMFormServices\InfoPathOMFormServicesV12\Microsoft.Office.Infopath.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\20.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\RTC.der 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\msxactps.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACEWDAT.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-print_zh_CN.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-threaddump.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CLVIEW.EXE 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\SECRECL.ICO 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\pt_BR\LC_MESSAGES\vlc.mo 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Installer\chrome.7z 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\14\BIN\FPWEC.DLL 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.flightrecorder_5.5.0.165303\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-api-visual.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0106816.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Biscay\TAB_ON.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\classlist 403a1s0ssssd7da.exe File created C:\Program Files\Java\jre7\lib\deploy\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0090149.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBBA\MSPUB11.BDR 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\en-US\css\settings.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Lime\TAB_OFF.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\OUTLOOK_COL.HXT 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins3d\tesselate.x3d 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Internet Explorer\perfcore.dll 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\schemagen.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152414.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00199_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\settings.html 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\novelty.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\15.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\hr.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\El_Salvador 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\config\Modules\org-netbeans-modules-profiler-selector-api.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Premium.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.CO.TH.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libkaraoke_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libvorbis_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.css.core.nl_zh_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BD19563_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00345_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\GreenTea.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Desert\HEADER.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_sr.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\flower_h.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Samarkand 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-core-multitabs.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-core-io-ui.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH01478U.BMP 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\VisualElements\LogoCanary.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\reveal_rest.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01585_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\bg_Casual.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\msaccess.exe.manifest 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_ja_JP.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\PST8 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rcp.application.ja_5.5.0.165303.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-editor-mimelookup-impl.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\org-netbeans-lib-profiler-common.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGMN086.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\Part\2 Top.accdt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Photo Viewer\en-US\ImagingDevices.exe.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Internet Explorer\en-US\networkinspection.dll.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\msvcr100.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00938_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02055_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MEDIA\CAMERA.WAV 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\Triedit\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.browser.attach_5.5.0.165303.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PRTF9.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\20.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\GroupSubmit.edrwx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\attention.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\mscss7es.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGWEBSBR.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libchain_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\msadcor.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\sr.pak 403a1s0ssssd7da.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\msvcr100.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01299_.GIF 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libaccess_srt_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\REFINED\PREVIEW.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00373_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Solutions.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\EssentialReport.dotx 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\MSInfo\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft.NET\RedistList\AssemblyList_4_extended.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Defender\MpOAV.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02437_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL075.XML 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\plugins\text_renderer\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\bg-today.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0090386.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0205582.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL109.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\circleround_selectionsubpicture.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.core_5.5.0.165303.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\jsound.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02389_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\TN00411_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\GREET11.POC 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\Ole DB\msdatl3.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-core-multitabs.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSACCESS.DEV_F_COL.HXK 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Lima 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-core-ui.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Montevideo 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\8.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\hint_up.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\MSBuild\Microsoft.Office.InfoPath.targets 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\WINWORD.DEV_COL.HXC 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Swirl\header.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\RESUME.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libddummy_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\librawdv_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00638_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14830_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\js\ui.js 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages_sv.properties 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Atlantic\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0148757.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0216540.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02446_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD14539_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\OUTLPERF.H 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\SplashImage.jpg 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\CASCADE\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\ECLIPSE\PREVIEW.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\SLATE\PREVIEW.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\sunec.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18233_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\js\jquery.jstree.js 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_box_top.png 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins3d\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-first-quarter_partly-cloudy.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins3d\3difr.x3d 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\gu.pak 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Internet Explorer\en-US\networkinspection.dll.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipskor.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-explorer_ja.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-threaddump_zh_CN.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\J0115868.GIF 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.rcp_5.5.0.165303\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00433_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\LoginTool24x24Images.jpg 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PROOF\MSSP7EN.dub 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\chrome_pwa_launcher.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\ENES\MSB1ENES.ITS 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SY01572_.WMF 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Templates\1033\ONENOTE\14\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\ENVELOPR.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\REPLTMPL.CFG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\BTINTERNET.NET.XML 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\da-DK\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\RICEPAPR\RICEPAPR.ELM 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\El_Aaiun 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-tools.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO01044_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\browser\features\[email protected] 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Adobe\symbol.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_de.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\RMNSQUE\RMNSQUE.ELM 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\Discussion.gta 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsTemplates\Customer Support.fdt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\SIGN.DPV 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\ZX______.PFB 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\feature.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Qatar 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins3d\prc\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\msadcs.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\images\dial_sml.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\button_left_mouseout.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_gray_few-showers.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Africa\Tripoli 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Campo_Grande 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN01039_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0251871.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18210_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\psfontj2d.properties 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\DigSig.api 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ui.sdk.scheduler_1.2.0.v20140422-1847.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Bucharest 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-profiling_ja.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\UTC 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Composite.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME07.CSS 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\SoftBlue\background.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Berlin 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\toc.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\WB02134_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\ACCESS12.ACC 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.nl_zh_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\deploy\messages_zh_HK.properties 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099152.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18218_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\requests\status.json 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-profiling.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-api-caching.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\OrielMergeLetter.Dotx 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Esl\AiodLite.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\eventlog_provider.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.text_3.5.300.v20130515-1451.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01140_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\rtf_choosecolor.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\BTOPENWORLD.COM.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\INVITE11.POC 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\SPRING\THMBNAIL.PNG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Goose_Bay 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AG00174_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libavcodec_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0239057.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02793_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR45B.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Cayenne 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Bahia 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD01176_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\IN00915_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152702.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\QuickStyles\Manuscript.dotx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\dialogs\create_stream.html 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\SPPlugins\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Office Classic.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\J0115842.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\TASKREQL.ICO 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolIcons\messageboxinfo.ico 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Xml.Linq.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\BANNER.DPV 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Data.Linq.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\ended_review_or_form.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\MET 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\config\Modules\org-netbeans-modules-profiler-oql.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-sa.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105504.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\WINWORD.HXS 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libattachment_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-full.png 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\System\Ole DB\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-multiview_zh_CN.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT+3 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Black Tie.xml 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\ks_IN\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\en-US\gadget.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.databinding.property.nl_ja_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.publisher.nl_ja_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107150.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0153302.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\ACCVDTUI.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTO\vstoee90.tlb 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\javah.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\locale\org-openide-util-lookup_zh_CN.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01162_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099151.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WNTER_01.MID 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\button-highlight.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Paper.thmx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\XMLSDK5.CHM 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\ssvagent.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\WB02039_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\POWERPNT_COL.HXT 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\WhiteboxMask.bmp 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\api-ms-win-crt-heap-l1-1-0.dll 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\plugins\audio_filter\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\keypad\keypadbase.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL097.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_corner_top_right.png 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Cartridges\sql90.xsl 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsMainToScenesBackground.wmv 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\SystemV\CST6CDT 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BS01635_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0298897.WMF 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\fi\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\rtf_italic.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsHomePage.html 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\SpringGreen.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\7zG.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Excel.en-us\ExcelMUI.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jmc.ini 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\ext\jaccess.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\CARBN_01.MID 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\square_dot.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\specialmainsubpicture.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-sampler.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\management\snmp.acl.template 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\ProjectTool\Project Report Type\Fancy\MINUS.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Application Installer.swf 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\FlickLearningWizard.exe.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\ProjectTaskIconMask.bmp 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\services_discovery\libmediadirs_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libinvert_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\bg_Earthy.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\BabyBlue\TAB_ON.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OUTLFLTR.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\Ole DB\en-US\sqlxmlx.rll.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0150861.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152876.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0234001.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0199549.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\WORDREP.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\pdf.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Araguaina 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0382970.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\OUTLLIBR.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Stationery\1033\PAWPRINT.HTM 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\BLUEPRNT\THMBNAIL.PNG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.core_2.3.0.v20131211-1531.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00242_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD00705_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Executive.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGSTORY.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\PROOF\MSWDS_FR.LEX 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\PST8PDT 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107308.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Concourse.thmx 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\skchobj.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-api-annotations-common.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\ONINTL.REST.IDX_DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsPreviewTemplate.html 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\AcroForm\adobepdf.xdc 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\WB00531L.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\WATER\PREVIEW.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD00459_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Grid.thmx 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Mail\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\MEDIA\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\MMSL.ICO 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\hwrcommonlm.dat 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\WATER\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files\DVD Maker\Shared\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-attach_zh_CN.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD00543_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGPICCAP.DPV 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\vlc.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\liboggspots_plugin.dll 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\en-US\js\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyMainBackground_PAL.wmv 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Santiago 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\javaw.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0198020.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\OUTLBAR.INF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\about.html 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-favorites_zh_CN.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00732_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Technic.eftx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolIcons\OnLineBusy.ico 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\Sounds\People\SNEEZE.WAV 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolIcons\GWE.ICO 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_box_divider_left.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Heart_VideoInset.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.director_2.3.100.v20140224-1921.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0240175.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00810_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Oasis\TAB_ON.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\next_hov.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\he.pak 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\sk-SK\tipresx.dll.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\NetworkServerControl 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02371_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR32F.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\BrightYellow\TAB_ON.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\DataServices\+Connect to New Data Source.odc 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR45F.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\EquityLetter.Dotx 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\System\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\item_hover_docked.png 403a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\13.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\pt-br.txt 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.e4.rcp_1.3.100.v20141007-2033\META-INF\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD00437_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.IdentityModel.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Journal\Templates\Genko_2.jtp 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\ro-RO\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\TABMASK.BMP 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGSIDEBRV.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libnsv_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_box_divider_right.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Garden.htm 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_few-showers.png 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\System\msadc\en-US\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH00685_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18228_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolIcons\PersonalContact.ico 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\CALSO98.POC 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\wxpr.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\ado\msador15.dll 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Stationery\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Dhaka 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.rcp_4.4.0.v20141007-2301\feature.properties 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\BabyBlue.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\BlackTieMergeLetter.dotx 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\epl-v10.html 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-lib-profiler-common_zh_CN.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Australia\Eucla 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152722.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0332268.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Tehran 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Median.eftx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\ONENOTE_COL.HXC 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\ViewHeaderPreview.jpg 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107358.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\bg_Groove.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_windy.png 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Reference Assemblies\Microsoft\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\images\back_lrg.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.attach_5.5.0.165303.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH02282_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00364_.WMF 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\Certificates\Verisign\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolIcons\SessionOwner.ico 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\North_Dakota\New_Salem 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\EN00242_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\J0115856.GIF 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\PROOF\1033\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Synchronization Services\ADO.NET\v1.0\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\ED00184_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\BrightOrange\TAB_ON.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\VIEW.CSS 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Csi.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\MSB1CORE.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Push\push_item.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Kentucky\Louisville 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\keytool.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\7.png 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\hu-HU\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Melbourne 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\jfr\default.jfc 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO01560_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_fa.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-sampler.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Gambier 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\freebl3.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\modern_m.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-full.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.win32.win32.x86_64_1.1.200.v20141007-2033\launcher.win32.win32.x86_64.properties 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\OUTLWVW.DLL.IDX_DLL 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR49B.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL105.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\QUERIES\MSN MoneyCentral Investor Major Indicies.iqy 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\auxpad\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-nodes_zh_CN.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BS00184_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SL00345_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\ONENOTE.HXS 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\Accessible.tlb 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waning-gibbous.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGACCBAR.DPV 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_hu.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\dcpr.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\jvm.hprof.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0145212.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\OneNoteSyncPCIntl.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR37F.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Country.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\OriginMergeFax.Dotx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\en-US\Sidebar.exe.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\fieldswitch.ax 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.greychart.ui.ja_5.5.0.165303.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.services.nl_zh_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\SOCIALCONNECTORRES.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\ViewHeaderPreview.jpg 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\fonts\LucidaBrightDemiBold.ttf 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN03500_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.COM.TW.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\BCSLaunch.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\OSetupPS.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\jli.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Africa\Bissau 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\logo.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GROOVE_K_COL.HXK 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\IPOLKINTL.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\OriginReport.Dotx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libdav1d_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Barbados 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Sao_Paulo 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-icons_222222_256x240.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\bNext.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Desert\TAB_OFF.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR48B.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\BORDERS\MSART8.BDR 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ContactPicker.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\ExecutiveResume.dotx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\720x480icongraphic.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02746U.BMP 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\novelty_dot.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\background.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-print_ja.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105338.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0324704.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR28F.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\BrightOrange\TAB_ON.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01749_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Solutions_Person.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR9F.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Smart Tag\MSTAG.TLB 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_glass_Thumbnail.bmp 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105238.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0309585.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\TN00330_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MEDIA\WHOOSH.WAV 403a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Help\1040\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\msdaenum.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\SUMIPNTG\THMBNAIL.PNG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\CONTACTINFOBB.POC 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\uk\LC_MESSAGES\vlc.mo 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Journal\en-US\PDIALOG.exe.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\combo-hover-middle.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.publisher_1.3.0.v20140911-0143.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-bg_glass_100_f6f6f6_1x400.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Portable Devices\sqmapi.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\23.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Cartridges\sql2000.xsl 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\UrbanMergeFax.Dotx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\dt_socket.dll 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.engine\profileRegistry\JMC.profile\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Antarctica\Mawson 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD14883_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MSQRY32.EXE 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\SpringGreen.css 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\STS2\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Journal\Templates\Month_Calendar.jtp 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\org-netbeans-modules-profiler.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0214948.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Apothecary.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21327_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\J0115839.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsVersion1Warning.htm 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Templates\1033\ONENOTE\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\logger\libconsole_logger_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\mip.exe.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD00564_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Essential.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18231_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsColorChart.html 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_box_divider_left.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\en-US\rtscom.dll.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\CourierStd-BoldOblique.otf 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Smart Tag\FBIBLIO.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Port_of_Spain 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.httpcomponents.httpclient_4.2.6.v201311072007.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MEDIA\PUSH.WAV 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.ServiceModel.Web.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0382942.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGAD.DPV 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\SubsetList\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\PROOF\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\NavigationUp_ButtonGraphic.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\fonts\LucidaBrightRegular.ttf 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Regina 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Volgograd 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-windows_zh_CN.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0200163.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Apex.eftx 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OneNoteSyncPC.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_nv12_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Stockholm 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.emf.ecore.change_2.10.0.v20140901-1043.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0187825.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSPUB.DEV.HXS 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libnormvol_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\Certificates\groove.net\ManagedObjects\SignedManagedObjects.cer 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\InfoPathOM\InfoPathOMFormServices\Microsoft.Office.Infopath.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi422_yuy2_mmx_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT+4 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099173.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE06049_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0216858.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Bibliography\Style\CHICAGO.XSL 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\22.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\xmlrw.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02740U.BMP 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Bibliography\Author2String.XSL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\msproof7.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\Part\2 Right.accdt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_box_bottom.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.httpcomponents.httpcore_4.2.5.v201311072007.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\jaas_nt.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\STS2\HEADER.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libsvcdsub_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MUAUTH.CAB 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\play-static.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Antarctica\Macquarie 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0285820.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\dialogs\mosaic_window.html 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\STORYVERTBB.POC 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\in_sidebar\slideshow_glass_frame.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\br.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Helsinki 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Analysis Services\AS OLEDB\10\Resources\1033\msolui100.rll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\TN00241_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CDLMSO.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_few-showers.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Paris 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01473_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Journal\en-US\Journal.exe.mui 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\turnOnNotificationInTray.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WHIRL1.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\browser\features\[email protected] 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libsmf_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\16_9-frame-background.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\15x15dot.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\ssvagent.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.garbagecollector.nl_ja_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0185786.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\en-US\js\currency.js 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\83.0.4103.106\83.0.4103.106_chrome_installer.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Proof.es\Proof.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.core.feature_1.3.0.v20140523-0116\META-INF\ECLIPSE_.RSA 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_output\libwasapi_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\NotifierUpArrow.jpg 403a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\soniccolorconverter.ax 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.flightrecorder_5.5.0.165303\feature.properties 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\Invite or Link.one 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR49F.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolIcons\OFFLINE.ICO 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.COM.PH.XML 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\ru\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\BLUECALM\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\ij.bat 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\locale\org-openide-util-lookup_ja.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21433_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\GrayCheck.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\requests\vlm.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\1.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\logo.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_close_over.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Net.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1033\MSOINTL.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Angles.xml 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\PROOF\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\browser\crashreporter-override.ini 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libvnc_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\120DPI\(120DPI)grayStateIcon.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\ja-jp.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\CircleSubpicture.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\serialver.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-editor-mimelookup.jar 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\symbols\ea-sym.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Nome 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD21326_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\STS2\HEADER.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\mset7en.kic 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT+6 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105234.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00058_.WMF 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD15072_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Stars.jpg 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00935_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\ENVELOPE.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Media Player\wmpconfig.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows NT\TableTextService\TableTextServiceSimplifiedShuangPin.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Caracas 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\org-netbeans-modules-profiler-oql.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BD19695_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD21390_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\sk\LC_MESSAGES\vlc.mo 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\RADIAL\RADIAL.INF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages_ko.properties 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14831_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\XLMACRO.CHM 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\uz\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\ja.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105526.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0188667.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0195342.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18220_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libdtv_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\ado\msado27.tlb 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Workflow.Activities.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\IN00177_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\WebToolIconImages.jpg 403a1s0ssssd7da.exe File created C:\Program Files\Windows Journal\Templates\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\navBack.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\39.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\fonts\LucidaTypewriterBold.ttf 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01166_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_right_pressed.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\graph_down.png 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Sync Framework\v1.0\Documentation\1033\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\nl\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\delete_down.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPC.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\desktop.ini 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SY01253_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21364_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\AddToViewArrowMask.bmp 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Edmonton 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\ACCWIZ\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Oasis\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\omni.ja 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.emf.ecore_2.10.1.v20140901-1043.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00820_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\bg_GreenTea.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsViewTemplate.html 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\th.pak 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Nauru 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\winXPBluHandle.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN04326_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\ado\msado20.tlb 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\ml.pak 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OWSSUPP.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\NavigationRight_SelectionSubpicture.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Internet Explorer\en-US\jsprofilerui.dll.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH00693_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00915_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\OIS_F_COL.HXK 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\en-US\js\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\jsse.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Equity.eftx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_setid_plugin.dll 403a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\en-US\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\modern_s.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\Hx.HxT 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows NT\TableTextService\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\hu.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\PIXEL\PREVIEW.GIF 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\security\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Minsk 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\120DPI\(120DPI)notConnectedStateIcon.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\daisies.png 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\VGX\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\PFM\zx______.pfm 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\mshwLatin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\java.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-spi-quicksearch.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0252669.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_dts_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages_zh_TW.properties 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\ext\jhall-2.0_05.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\create_form.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\CROATIAN.TXT 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PSWAVY.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Casual.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Desert.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.e4.rcp_1.3.100.v20141007-2033\META-INF\MANIFEST.MF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.help.webapp_3.6.300.v20140407-1855.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Pohnpei 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00932_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01160_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\PipelineSegments.store 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_fi.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.transport.ecf.nl_ja_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\THIRDPARTYLICENSEREADME.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00159_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14757_.GIF 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\MEDIA\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-profiler.xml 403a1s0ssssd7da.exe File created C:\Program Files\Java\jre7\lib\zi\America\Kentucky\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\WB00673L.GIF 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\ug\LC_MESSAGES\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\nl-NL\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\winXPOlive.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD15035_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\reveal_hov.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.AddIn.Contract.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\winXPHandle.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\ACE.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\activity16v.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Wordcnv.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\it.pak 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_kn.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\EQUATION\MTEXTRA.TTF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-jvmstat.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01173_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00423_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\MAIN.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Oasis.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01295_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0157763.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\TASKREQ.CFG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\QUAD\PREVIEW.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsNotesBackground.wmv 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.rcp.zh_CN_5.5.0.165303\feature.properties 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099157.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00452_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGMN022.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\axvlc.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02407_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0304933.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_box_left.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\java_crw_demo.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\fonts\LucidaBrightDemiItalic.ttf 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Panama 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Singapore 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.help_2.0.102.v20141007-2301\feature.properties 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\can129.hsp 403a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\tt.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\Microsoft.Build.Conversion.v3.5.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\London 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0282932.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\TR00232_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Kamchatka 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rcp.intro.zh_CN_5.5.0.165303.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\lib\dsn.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Nipigon 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Atlantic\Bermuda 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD14595_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\OFFICE10.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libstl_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-openide-awt.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0293800.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\POSTCD98.POC 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\setting_back.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR4F.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\SNIPE.POC 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\WindowsBase.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-editor-mimelookup-impl_zh_CN.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\update_tracking\org-netbeans-modules-profiler-attach.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\MST7MDT 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BS00174_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14580_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\EDGE\EDGE.INF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.jsp.jasper_1.0.400.v20130327-1442.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_mixer\libfloat_mixer_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\HostSideAdapters\Microsoft.VisualStudio.Tools.Applications.HostAdapter.v10.0.dll 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\zh_TW\LC_MESSAGES\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\drag.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\NavigationUp_ButtonGraphic.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0297757.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00367_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\ACWIZRC.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR36B.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\bg_Premium.gif 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Desert\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\km\LC_MESSAGES\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\cmm\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-spi-quicksearch_ja.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-application.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\IN00956_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01839_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\he\LC_MESSAGES\vlc.mo 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Media Player\Skins\Revert.wmz 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Tahiti 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107712.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\TABON.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152688.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00809_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\WORDIRMV.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\en-US\js\timeZones.js 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\en-US\css\settings.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0182946.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\TWCUTCHR.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\144DPI\(144DPI)grayStateIcon.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\1047x576_91n92.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Origin.eftx 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\or\LC_MESSAGES\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\NETWORK\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\WATERMAR\PREVIEW.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\fontmanager.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Argentina\Catamarca 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0101865.BMP 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\gl\LC_MESSAGES\vlc.mo 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Internet Explorer\jsdebuggeride.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-masterfs.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0315580.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21310_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\OOFL.ICO 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-loaders_ja.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\NotifierDisableUpArrow.jpg 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\ROGERS.COM.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\Alphabet.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\hr-HR\tipresx.dll.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\charsets.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\YST9YDT 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.net_1.2.200.v20120807-0927.jar 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\hrtfs\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\librotate_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\MainMenuButtonIcon.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jface.nl_ja_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Rome 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\BabyBlue\TAB_OFF.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolIcons\OnLineIdle.ico 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\co\LC_MESSAGES\vlc.mo 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Bears.htm 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\RADIAL\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Godthab 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14655_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\FormsColorChart.html 403a1s0ssssd7da.exe File created C:\Program Files\MSBuild\Microsoft\Windows Workflow Foundation\v3.5\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\sports_disc_mask.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\org-netbeans-core-io-ui.xml_hidden 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0185834.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE01797_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_search_over_BIDI.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\css\settings.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Media Player\Media Renderer\DMR_120.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\tipresx.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\NavigationLeft_ButtonGraphic.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.osgi.nl_ja_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN04134_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\WEBLINK.POC 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\LEVEL\THMBNAIL.PNG 403a1s0ssssd7da.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\VideoWall\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\ext\dnsns.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGZIP.DPV 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Help\1033\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_double_bkg.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_right_rest.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.browser_5.5.0.165303.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\jfr.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152628.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ACCWIZ\ACWZLIB.ACCDE 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Adobe.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\Sounds\People\GIGGLE.WAV 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\zh_TW\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\MyriadPro-BoldIt.otf 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Bahia 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.flightrecorder.ui.zh_CN_5.5.0.165303.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-sendopts_zh_CN.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099182.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0212953.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\msdasql.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0217698.WMF 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\SpringGreen\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\images\Back-48.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\MSB1AR.LEX 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\btn-previous-static.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsNotesBackground_PAL.wmv 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Adelaide 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105380.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\VBAOWS10.CHM 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Indiana\Vevay 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Trek.thmx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\TASKUPD.CFG 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\AddInViews\Microsoft.VisualStudio.Tools.Applications.Runtime.v9.0.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\NavigationRight_SelectionSubpicture.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\plugin.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PROOF\1033\MSGR3EN.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\mscss7en.dll 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\co\LC_MESSAGES\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRdIF.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VBA\VBA7\1033\VBOB6.CHM 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0106146.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107496.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00454_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00728_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\AddInSideAdapters\Microsoft.VisualStudio.Tools.Office.AddInAdapter.v9.0.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GROOVE_F_COL.HXK 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\{AC76BA86-7AD7-1033-7B44-A90000000001}\Data1.cab 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\brt.hyp 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Sydney 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\core\locale\core_zh_CN.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\BlackTieLetter.dotx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_dummy_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_blue_partly-cloudy.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\BORDERS\MSART6.BDR 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\az\LC_MESSAGES\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\WidescreenPresentation.potx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\RMNSQUE\RMNSQUE.INF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Kiev 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01682_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00671_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01245_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\tile16.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\Ole DB\sqlxmlx.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\Certificates\groove.net\Servers\Management.cer 403a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\en-US\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\images\glass_lrg.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\notes-static.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.engine\profileRegistry\JMC.profile\.lock 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-api-annotations-common_ja.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18182_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\SNET.NET.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\STUDIO\STUDIO.INF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\SoftBlue\tab_off.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\IPDESIGN.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\RedistList\FrameworkList.xml 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\en-US\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\TN00011_.WMF 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\DAO\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\WidevineCdm\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\scenesscroll.png 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.engine\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.intro.nl_zh_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-templates_ja.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105306.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Bougainville 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152608.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\te.pak 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Mail\en-US\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGLINACC.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\QUERIES\MSN MoneyCentral Investor Currency Rates.iqy 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleUpdateBroker.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsScenesBackground.wmv 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\doclib.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD00419_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21299_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\Calendar\CalendarViewButtonImages.jpg 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.Entity.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\MDIParent.zip 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench3.nl_ja_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\LICENSE 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\ADD.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\en-US\sqloledb.rll.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\BLUECALM\THMBNAIL.PNG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_divider.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\micaut.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\org-netbeans-modules-profiler-snaptracer.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00704_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.AddIn.Contract.dll 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\viewDblClick.js 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\shuffle_over.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ro-RO\tipresx.dll.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\en-US\wab32res.dll.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\core\locale\org-openide-filesystems_zh_CN.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\CRANINST.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\button_left_disable.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\Gadget_Star_Full.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.Routing.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\en-US\js\library.js 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Matamoros 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-api-visual.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-lib-profiler-ui_zh_CN.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Glace_Bay 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR7F.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD00256_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\mozglue.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libmp4_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Warsaw 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Funafuti 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\dark\e4-dark_preferencestyle.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\lib\deployed\jdk15\windows-amd64\profilerinterface.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Grand_Turk 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Journal\InkSeg.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ADVZIP.DIC 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\ProjectTaskIcon.jpg 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Icons\APIFile_8.ico 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\16_9-frame-image-mask.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\EN00319_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0341654.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Essential.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD15155_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Zurich 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SL01394_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\win\CP1254.TXT 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\Sounds\People\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Swirl\HEADER.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\XML Files\StarterToolTemplates.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\th.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\3RDPARTY 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.databinding.property.nl_zh_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ecf.filetransfer_5.0.0.v20140827-1444.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Samarkand 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\CATALOG.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\sl\LC_MESSAGES\vlc.mo 403a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105286.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Grid.xml 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\kk\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\bl.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-progress-ui_ja.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-selector-api_zh_CN.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0232795.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\CommsOutgoingImageMask.bmp 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Microsoft.Office.Interop.InfoPath.SemiTrust.dll 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\RICEPAPR\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\JAWTAccessBridge-64.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BD20013_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105282.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\libvlccore.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\gadget.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-util-enumerations_ja.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\REC.CFG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsMacroTemplate.html 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\SaslPrep\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\ado\msadox.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-waxing-gibbous.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Indian\Chagos 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-api-annotations-common_zh_CN.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\WET 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00396_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\STS2\tab_on.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT-8 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\VIEW.JS 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_blue_windy.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\ado\msadrh15.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\1047x576black.png 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Tahiti 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\org-netbeans-modules-favorites.xml_hidden 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\ENU\acro20.lng 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Installer\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Discussion.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\rtf_pressed.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_delay_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\ar.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\TabTip.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_ja_4.4.0.v20140623020002\feature.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\license.html 403a1s0ssssd7da.exe File created C:\Program Files\Java\jre7\lib\zi\Pacific\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\{AC76BA86-7AD7-1033-7B44-A90000000001}\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office.en-us\PSS10R.CHM 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\MST7MDT 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.console_5.5.0.165303\feature.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD02158_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\SENDTO.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\tl\LC_MESSAGES\vlc.mo 403a1s0ssssd7da.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\WB02187_.GIF 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Desert\TAB_OFF.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\CATALOG.DPV 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ACCWIZ\ACWZDAT12.ACCDU 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\button_MCELogo_mousedown.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_left_disabled.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\TextConv\WPFT532.CNV 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01761_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSTORE_COL.HXC 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGMN108.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\cgg\LC_MESSAGES\vlc.mo 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CONVERT\1033\TRANSMRR.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ONBttnWD.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\FOLDPROJ.DPV 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\PROFILE\PREVIEW.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\nio.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0090781.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0297759.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00735_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\PICSTYLES.DPV 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\platform.ini 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-full_partly-cloudy.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-lib-profiler-common_ja.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0090070.WMF 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\lua\http\requests\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\skins\skin.dtd 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\CYRILLIC.TXT 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL022.XML 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\he\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waxing-gibbous_partly-cloudy.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXEV.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\ModuleAutoDeps\org-netbeans-core.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Australia\Sydney 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\THIRDPARTYLICENSEREADME.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\ContactPickerIntl.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\rtf_italic.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PPSLAX.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_output\libadummy_plugin.dll 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-api-caching_zh_CN.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152432.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18198_.WMF 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\mng.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.ecore_2.10.1.v20140901-1043\META-INF\eclipse.inf 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR39F.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\splashscreen.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\EN00006_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02470U.BMP 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18200_.WMF 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\win\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\af\LC_MESSAGES\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\tet\LC_MESSAGES\vlc.mo 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\11.png 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\tzmappings 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0086384.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\button_mid.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.COM.HK.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21376_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL011.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGBORDER.DPV 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\ado\en-US\msader15.dll.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Full\1047x576black.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT+2 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE00685_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00454_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\Part\Details.accdt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\mobile_browse.html 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\plugins\video_chroma\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Extensions\external_extensions.json 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\OneNote.en-us\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BS00445_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\SoftBlue.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\bg_Country.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\LTHD98.POC 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-options-keymap_ja.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Africa\Accra 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Riyadh88 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BD08868_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsPreviewTemplate.html 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0301480.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_single_bkg_orange.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0341634.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02464_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SY00788_.WMF 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Media Player\Media Renderer\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_pl.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD14594_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\mr\LC_MESSAGES\vlc.mo 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\modules\simplexml.luac 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-core_zh_CN.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0171847.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0321179.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15059_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21504_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Media Player\wmpshare.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\rssLogo.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\34.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\en-US\enu-dsk\M1033DSK.UDT 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD00544_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0233312.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD15301_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\SplashScreen.bmp 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\Gadget_Main_Background_Loading.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SY00642_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\bg_Groove.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Workflow.ComponentModel.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Krasnoyarsk 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\org-netbeans-core-execution.xml_hidden 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Cancun 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN00790_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107316.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_el.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows NT\TableTextService\TableTextServiceSimplifiedQuanPin.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_corner_top_right.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\IN00919_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15135_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\Calendar\CalendarToolIconImagesMask.bmp 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\META-INF\MANIFEST.MF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\net.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\INFOPATHEDITOR_K_COL.HXK 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\ICE\PREVIEW.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DissolveNoise.png 403a1s0ssssd7da.exe File created C:\Program Files\DVD Maker\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\jfr.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\epl-v10.html 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsBrowserUpgrade.html 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\install.log 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveDocumentReview\InactiveTabImage.jpg 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MEDIA\LASER.WAV 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\en_GB\LC_MESSAGES\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-api-search_ja.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00538_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\WB00780L.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD15302_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\OUTLOOK.HXS 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\picturePuzzle.html 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\Welcome.html 403a1s0ssssd7da.exe File created C:\Program Files\Java\jre7\lib\management\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Caracas 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH00527_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\OUTDR_01.MID 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\Filters.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\awt.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\intf\dumpmeta.luac 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\AddInViews\Microsoft.VisualStudio.Tools.Applications.Runtime.v10.0.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Internet Explorer\sqmapi.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Antarctica\Syowa 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AG00142_.GIF 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\sk\LC_MESSAGES\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft SQL Server Compact Edition\v3.5\sqlceoledb35.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\timer_up.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\ado\msadomd28.tlb 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AG00129_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00392_.WMF 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\3082\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\WebToolIconImagesMask.bmp 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Bangkok 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\masterix.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0199307.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBBA\MSPUB5B.BDR 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Perth 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.engine\.settings\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\WindowsAccessBridge-64.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CONVERT\RM.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\ERROR.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\NAVBARV.POC 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\audiodepthconverter.ax 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\setEmbeddedCP.bat 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.rcp.zh_CN_5.5.0.165303\feature.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Saipan 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02451_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\RSWOP.ICM 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\System\Ole DB\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libtrivial_channel_mixer_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\17.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\26.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsMainBackground_PAL.wmv 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\GRID_01.MID 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH00688_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0151581.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\WB02214_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\CoolType.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\cryptocme2.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft.NET\Primary Interop Assemblies\Microsoft.mshtml.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\picturePuzzle.html 403a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\ms.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT-12 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN01174_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0387895.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows NT\TableTextService\TableTextServiceSimplifiedQuanPin.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolIcons\COMPUTER.ICO 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\browser\VisualElements\VisualElements_70.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\mshwgst.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00910_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0199805.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0292982.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Oasis\TAB_OFF.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\WINWORD_COL.HXT 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows NT\Accessories\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.nl_ja_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0149018.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\AddToViewArrow.jpg 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\drag.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\ehshellLogo.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\bear_formatted_matte2.wmv 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Irkutsk 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00828_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OMML2MML.XSL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libsdl_image_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\1033\hxdsui.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\oledbjvs.inc 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\js\settings.js 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.services.nl_ja_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\EN00902_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099156.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Elemental.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MEDIA\BOMB.WAV 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PSRCHPHN.DAT 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CONVERT\OLJRNL.FAE 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\bg-dock.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-api-search.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-awt_zh_CN.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152690.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18246_.WMF 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Swirl\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\en-US\css\weather.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\9.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Almaty 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.di.nl_ja_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Analysis Services\AS OLEDB\10\msmdlocal.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\control\libwin_hotkeys_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\IDTemplates\ENU\DefaultID.pdf 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18202_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\32.png 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Icons\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Month_Calendar.emf 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0106208.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE00489_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\TN00255_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0235319.WMF 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\AcroForm\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Stars.jpg 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\MSBuild\Microsoft\Windows Workflow Foundation\v3.5\Workflow.Targets 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107502.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0341561.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\CAGCAT10.MMW 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Bibliography\Author2XML.XSL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libprefetch_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waning-crescent_partly-cloudy.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\ICE\ICE.INF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\org-openide-execution.xml_hidden 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099171.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21505_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FORM.JS 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\APPTL.ICO 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Earthy.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Photo Viewer\PhotoAcq.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\InfoPath.en-us\SETUP.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-core-windows.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0101866.BMP 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0217262.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02750U.BMP 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_corner_top_right.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Data.DataSetExtensions.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\novelty_s.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.directorywatcher.nl_zh_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\meta\reader\filename.luac 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Outlook.en-us\SETUP.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\ECHO\ECHO.ELM 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\SpecialNavigationRight_SelectionSubpicture.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\include\classfile_constants.h 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\META-INF\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\PROOF\MSLID.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Smart Tag\1033\MCABOUT.HTM 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\icons\date-span-16.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\TaxonomyControl.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\dialogs\offset_window.html 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Microsoft.Office.BusinessApplications.RuntimeUi.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_es-419.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\5.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\MSInfo\en-US\msinfo32.exe.mui 403a1s0ssssd7da.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Push\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\zip.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14794_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14828_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Full\pushplaysubpicture.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\ROAD_01.MID 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD21512_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGMASTHD.DPV 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_ro.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02373_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PROTTPLV.XLS 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CONVERT\1033\OLAPPTR.FAE 403a1s0ssssd7da.exe File created C:\Program Files\Windows NT\Accessories\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\triggerConstraints.exsd 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\BrightOrange\BUTTON.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBBA\MSPUB3B.BDR 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libcache_block_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_output\libyuv_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0215086.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0299611.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\msdarem.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\timer_down.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.rcp.feature_1.2.0.v20140523-0116\feature.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0287643.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsBlankPage.html 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MEDIA\VOLTAGE.WAV 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\es-419.pak 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\activity16v.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Smart Tag\LISTS\1033\DATES.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.ecore_2.10.1.v20140901-1043\META-INF\ECLIPSE_.RSA 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01744_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Essential.eftx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10265_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\uarrow.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.simpleconfigurator.manipulator.nl_ja_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-sendopts.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00270_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00234_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02208U.BMP 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\NAMECONTROLPROXY.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\lt-LT\tipresx.dll.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\CONCRETE\CONCRETE.ELM 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\SPRING\SPRING.ELM 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-autoupdate-ui.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\javafx.properties 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OneNote\SendToOneNote-PipelineConfig.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.Extensions.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Media Player\Media Renderer\connectionmanager_dmr.xml 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Sidebar\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\EXPEDITN\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\mlib_image.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02757U.BMP 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\BabyBlue\TAB_ON.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\WSS\1100.accdt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01746_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\TASKREQS.ICO 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\api-ms-win-crt-environment-l1-1-0.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSO.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\14\BIN\1033\FPEXT.MSG 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_ja_4.4.0.v20140623020002\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-keyring-impl.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Argentina\San_Luis 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\UserControl.zip 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0232395.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGMN048.XML 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\cs\LC_MESSAGES\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\VC\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\NETWORK\PREVIEW.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Luxembourg 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105332.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0185776.WMF 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\hi\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\browser\blocklist.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-waning-crescent_partly-cloudy.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00194_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0178639.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0314068.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\ARCTIC\ARCTIC.ELM 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Bogota 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\ir.idl 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-actions_zh_CN.jar 403a1s0ssssd7da.exe File created C:\Program Files\Java\jre7\lib\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00382_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Premium.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\RESUME.DPV 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\Microsoft.VisualC.STLCLR.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\osknumpad\osknumpadbase.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\SATIN\SATIN.ELM 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Riga 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0287018.WMF 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\bn_IN\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\OFFREL.DLL 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02028_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21398_.GIF 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\STRTEDGE\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\management\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Oasis\TAB_OFF.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.COM.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\view.html 403a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\css\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Internet Explorer\DiagnosticsHub.DataWarehouse.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\AST4ADT 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0178348.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Module.eftx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\SalesReport.xltx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Title_Page.wmv 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0239975.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Module.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGWEBBTN.XML 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Synchronization Services\ADO.NET\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\ba.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME10.CSS 403a1s0ssssd7da.exe File created C:\Program Files\WindowsPowerShell\Configuration\Registration\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\rtf_hyperlink.gif 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Adobe\zdingbat.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1033\ACEWSTR.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Atlantic\Stanley 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Easter 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\CLIPART\Publisher\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Foundry.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACEDAO.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\NavigationRight_SelectionSubpicture.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.browser.jdp.zh_CN_5.5.0.165303.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME47.CSS 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DOTS.POC 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\WidevineCdm\manifest.json 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\buttonUp_Off.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\ko-kr.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Smart Tag\FPERSON.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\README.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CONVERT\1033\ORG97R.SAM 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\forms_received.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\ado\msjro.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\1047x576black.png 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.engine\profileRegistry\JMC.profile\.data\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\html\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.updatechecker.nl_zh_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-bootstrap.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipsdeu.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Flow.thmx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR34F.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGWEBPQT.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\hy\LC_MESSAGES\vlc.mo 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\flower_m.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\MS.PNG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\NavigationUp_ButtonGraphic.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\WET 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD21338_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\DataType\Status.accft 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\eng32.clx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\btn-next-static.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUB6INTL.REST.IDX_DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\AddToViewArrowMask.bmp 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libvcd_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\next_rest.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolIcons\gfserrortogroove.ico 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Stationery\1033\JUNGLE.HTM 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\Media Renderer\DMR_48.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\deploy\messages_es.properties 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01183_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\CAGCAT10.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR28F.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\TipsImage.jpg 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_gray_cloudy.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-application-views_zh_CN.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0153047.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSPUB.DEV_COL.HXT 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\APPT.CFG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\btn-next-static.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Jayapura 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-api-annotations-common.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-core.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\jawt.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\NOTES.ICO 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGSIDEBR.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\en-US\css\settings.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\msadc\handler.reg 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MEDIA\HAMMER.WAV 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Microsoft.SharePoint.BusinessData.Administration.Client.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Mail\wabmig.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21400_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Publisher.en-us\SETUP.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Indian\Christmas 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\META-INF\ECLIPSE_.SF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\org-openide-util-enumerations.xml_hidden 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\javaws.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsMacroTemplate.html 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\Network Sharing\wmpnss_color120.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\button_MCELogo_mouseout.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\rtf_decreaseindent.gif 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Sync Framework\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\RES98.POC 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.greychart.ui_5.5.0.165303.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HM00005_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105490.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsBlankPage.html 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\bg_FormsHomePageSlice.gif 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\ko\LC_MESSAGES\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\MSBuild\Microsoft\Windows Workflow Foundation\v3.0\Workflow.Targets 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\js\settings.js 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office.en-us\SETUP.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MSPUB.EXE 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Defender\MSASCui.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Internet Explorer\jsdebuggeride.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\120DPI\(120DPI)greenStateIcon.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\CsiSoap.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\To_Do_List.emf 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH00546_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\oledb32.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\12.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\CG1606.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0185806.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\SEQCHK10.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\images\dial.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\pipanel.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1033\ACEINTL.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\rtf_justify.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\bg_Casual.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\BlackTieResume.dotx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libdirectory_demux_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1033\ACEODBCI.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\pidgenx.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\NavigationLeft_ButtonGraphic.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0305493.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\BCSAutogen.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\EquityMergeLetter.Dotx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\tile16.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-templates.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\core\locale\core_ja.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Novokuznetsk 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099153.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0234000.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\unpack.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.flightrecorder.controlpanel.ui.zh_CN_5.5.0.165303.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.sat4j.core_2.3.5.v201308161310.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\v8_context_snapshot.bin 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\PNG32.FLT 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\AST4 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD02153_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099187.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099195.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Journal\en-US\NBMapTIP.dll.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-loaders_zh_CN.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00479_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21520_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\AlertImage_Medium.jpg 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\gmp-clearkey\0.1\manifest.json 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\SaveAsRTF.api 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\FlickLearningWizard.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\setNetworkClientCP 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-host-views_ja.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Swirl\background.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\LOOKUP.DAT 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\MSEnv\PublicAssemblies\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\RMNSQUE\THMBNAIL.PNG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-api-progress_zh_CN.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02424_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02431_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SY00560_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01750_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\AUDIOSEARCHSAPIFE.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\BrightOrange\button.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\sawindbg.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\javafx-doclet.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.core\cache\binary\com.oracle.jmc.executable.win32.win32.x86_64_5.5.0 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Porto_Velho 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0400004.PNG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\booklist.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-swing-outline.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00197_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD21427_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ADDINS\otkloadr_x64.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-first-quarter_partly-cloudy.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\attach.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\about.html 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\ACTIP10.HLP 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ACCDDS.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\cronometer.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\chrome.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\tipskins.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH01562U.BMP 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\misc\libgnutls_plugin.dll 403a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_snow.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AG00004_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveDocumentReview\MarkupIconImagesMask.bmp 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\BrightOrange\tab_off.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Internet Explorer\D3DCompiler_47.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\AssemblyInfoInternal.zip 403a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\ext.txt 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PAPERS.INI 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\favicon.ico 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libposterize_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\LightSpirit.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\SAVE.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libzvbi_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\DEEPBLUE\DEEPBLUE.INF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.rcp_5.5.0.165303\feature.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Resolute 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0196354.WMF 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\ProjectTool\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\en-US\wmpnetwk.exe.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\AddInSideAdapters\Microsoft.VisualStudio.Tools.Applications.AddInAdapter.v10.0.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_ml.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18244_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\d3d9\libdirect3d9_filters_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\1033\VSTOInstallerUI.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\specialoccasion.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\NavigationUp_SelectionSubpicture.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Internet Explorer\F12Resources.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\EST5EDT 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AG00160_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\default_apps\drive.crx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.core.commands_0.10.2.v20140424-2344.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-nodes.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00045_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libmft_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_box_top.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\adcvbs.inc 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Access.en-us\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui_3.106.0.v20140812-1751.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\images\Folder-48.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libsepia_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Multimedia\MPP\WindowsMedia.mpp 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Santiago 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\ProjectTool\Project Report Type\Basic\DEFAULT.XSL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\SplashImageMask.bmp 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME46.CSS 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\button_right_over.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Peacock.jpg 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\title.htm 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0382952.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\J0143745.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18185_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\13.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\HandPrints.jpg 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0145373.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02736G.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\CATWIZ.POC 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\mux\libmux_ts_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_gray_rainy.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_photo_Thumbnail.bmp 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-swing-tabcontrol.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\EN00320_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libsubsusf_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\en-US\css\clock.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO01566_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\ONENOTE_COL.HXT 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows NT\TableTextService\en-US\TableTextService.dll.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Wake 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Matamoros 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107708.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0178632.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\ProjectStatusIconsMask.bmp 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\DISTLSTS.ICO 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Templates\1033\Access\DataType\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libimem_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Internet Explorer\jsprofilerui.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.browser.attach.ja_5.5.0.165303.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\icons\time-span-16.png 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\lib\locale\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18193_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Porto_Velho 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0157167.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\EntityDataHandler.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OMSXP32.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PROOF\MSSP7EN.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\Gadget_Star_Empty.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\auxpad\auxbase.xml 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\META-INF\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.directorywatcher_1.1.0.v20131211-1531.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Technic.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MAPIPH.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\ado\msadox28.tlb 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Biscay.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_gray_few-showers.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsImageTemplate.html 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Hebron 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00523_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Waveform.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0284916.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GRINTL32.DLL.IDX_DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libcc_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Helsinki 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Rarotonga 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14691_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\CALENDAR.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyMainToScenesBackground_PAL.wmv 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\lib\deployed\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\Xlate_Complete.xsn 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\SubsetList\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Installer\chrmstp.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-profiler_ja.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099200.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0341455.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18229_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME35.CSS 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\Presentation Designs\Maple.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libscte27_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Smart Tag\FPLACE.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Winnipeg 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.rcp.feature_1.2.0.v20140523-0116\META-INF\ECLIPSE_.SF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-masterfs.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00462_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0196400.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\ARCTIC\ARCTIC.INF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\chapters-static.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\UCT 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\ext\zipfs.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE00559_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME55.CSS 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\Form_StatusImageMask.bmp 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\AD.XML 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\af\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\en-US\js\library.js 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\EXPSRV.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\awt.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\management-agent.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\BrightOrange\background.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR26F.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0213243.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0341448.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21329_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-autoupdate-ui_zh_CN.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-actions.jar 403a1s0ssssd7da.exe File created C:\Program Files\Java\jre7\lib\security\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-sampler.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099158.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CharSetTable.chr 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGCOUPON.DPV 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\tr.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\mip.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\rtf_alignleft.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\wab32.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Tirane 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-core-ui.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107158.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0158071.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR6B.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\en-US\settings.html 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\graph_up.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_blue_snow.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00296_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0341738.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libantiflicker_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\sr-spl.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\msadc\en-US\msdaprsr.dll.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.osgi.compatibility.state.nl_zh_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Belize 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Curacao 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\en-US\js\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\modern_h.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\images\cursors\win32_MoveDrop32x32.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AG00167_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGPQUOT.DPV 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\hu\LC_MESSAGES\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\VisualElements\Logo.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\144DPI\(144DPI)greenStateIcon.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\base.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Hong_Kong 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-jmx_ja.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0285782.WMF 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\System\en-US\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\BCSClientManifest.man 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\api-ms-win-crt-runtime-l1-1-0.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.addons.swt.nl_zh_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\dcpr.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107090.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18256_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\J0115876.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18180_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME36.CSS 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\SLINTL.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\REFINED\REFINED.ELM 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\javadoc.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-core.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Rio_Branco 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Adjacency.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\FEZIP.POC 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\10.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-new.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\symbols\ja-jp-sym.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\Ole DB\oledb32r.dll 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\core\locale\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-swing-tabcontrol_zh_CN.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\GREETING.DPV 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\plugin.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Kaliningrad 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\SCANPST.EXE 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libx265_plugin.dll 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\css\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\OutlineToolIconImages.jpg 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\LAYERS\LAYERS.INF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\rjmx.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-options.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-uisupport_ja.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0237336.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\AlertImage_ContactLowMask.bmp 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Journal\MSPVWCTL.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\JOURNAL\JOURNAL.ELM 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\amd64\jvm.cfg 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Analysis Services\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE00052_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME27.CSS 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libvhs_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\AssemblyInfoInternal.zip 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-api-search_zh_CN.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0188511.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\BrightYellow\TAB_ON.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\CERT98.POC 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libaom_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE00608_.WMF 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\CLIPART\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\Network Sharing\wmpnss_color48.bmp 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\reveal_down.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rcp.application.zh_CN_5.5.0.165303.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0387604.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\QuickStyles\Perspective.dotx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\UIAutomationClient.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libschroedinger_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\calendar.html 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\eula.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Merida 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107724.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL093.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PROOF\MSTH7FR.LEX 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\playlist\dailymotion.luac 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Nicosia 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099161.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0293236.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR30B.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\SIGN98.POC 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\META-INF\eclipse.inf 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01182_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_chromaprint_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\shuffle_down.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_snow.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\VisualElements\LogoBeta.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-core-windows.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\kcms.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\UnformattedNumeric.jpg 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\FormsPrintTemplate.html 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\control\libwin_msg_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.director.app.nl_zh_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-api-progress_ja.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GRAPH_K_COL.HXK 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR51B.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\usa.fca 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\penjpn.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Notebook.jpg 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\pack200.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\javax.annotation_1.2.0.v201401042248.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\Microsoft.Build.Utilities.v3.5.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\square_s.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\icudtl.dat 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\120DPI\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Full\dotslightoverlay.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR36F.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\AD98.POC 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\librtp_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Photo Viewer\en-US\ImagingDevices.exe.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\msadc\msadce.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Srednekolymsk 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PROOF\MSSP7FR.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\row_over.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\BabyBlue\BUTTON.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\NavigationLeft_ButtonGraphic.png 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\1033\QuickStyles\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\tile_drop_shadow.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\tabskb.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\javaw.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Pitcairn 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_uk.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\setNetworkClientCP.bat 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\accessibility.properties 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BD19986_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\playlist\koreus.luac 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libmad_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Sao_Paulo 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\CALENDAR.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\INFOPATH.EXE 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\WB01741L.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libd3d11va_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\rings-dock.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_btn-back-static.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Cambridge_Bay 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\alt-rt.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Adak 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Guatemala 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\settings.html 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ConvertInkStore.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_frame-border.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15171_.GIF 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\InfoPathOM\InfoPathOMV12\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\ExecutiveMergeLetter.dotx 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VGX\VGX.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\glass.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Kabul 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0400005.PNG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD21448_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\BrightYellow\TAB_OFF.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Media Player\Media Renderer\avtransport.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\NavigationLeft_SelectionSubpicture.png 403a1s0ssssd7da.exe File created C:\Program Files\Java\jre7\lib\images\cursors\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\GROOVEMN.EXE 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\hy\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\plugins\misc\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Vancouver 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\J0143752.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroTextExtractor.exe 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\System\msadc\en-US\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\Common.fxh 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\BrightYellow\HEADER.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Installed_resources14.xss 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\spu\libaudiobargraph_v_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\Network Sharing\wmpnss_color32.jpg 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Help\1042\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\authplay.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\msdasqlr.dll 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\EQUATION\1033\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Atlantic\Reykjavik 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\J0143754.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\WSIDBR98.POC 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\pt_PT\LC_MESSAGES\vlc.mo 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\tabskb.dll.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\psfont.properties.ja 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14654_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR9B.GIF 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\MSEnv\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\apt.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.rcp.product_5.5.0.165303\feature.properties 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_yuy2_sse2_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\nacl_irt_x86_64.nexe 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Mail\en-US\msoeres.dll.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\pl-PL\tipresx.dll.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\META-INF\ECLIPSE_.SF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00641_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21333_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21339_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\Ole DB\sqloledb.rll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21535_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\en_GB\LC_MESSAGES\vlc.mo 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\CASCADE\THMBNAIL.PNG 403a1s0ssssd7da.exe File created C:\Program Files\Java\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0301050.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows NT\TableTextService\TableTextServiceYi.txt 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Cartridges\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\join.avi 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core_ja.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-api-caching_ja.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-heapdump_zh_CN.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01366_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\WB02097_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18190_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CONVERT\1033\ODBCR.SAM 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\Sounds\Places\ALARM.WAV 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\QuickStyles\Classic.dotx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\updater.ini 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libdvdread_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jstat.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD00407_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FINCL_01.MID 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH01759_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE02278_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access_output\libaccess_output_udp_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH03012U.BMP 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\bg_OliveGreen.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PSRCHLTS.DAT 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\ado\msado21.tlb 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\selection_subpicture.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\config\Modules\org-netbeans-lib-profiler.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-tools_zh_CN.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BS01636_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MSN.ICO 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Wordconv.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\rss_headline_glow_docked.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Belize 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-editor-mimelookup-impl_ja.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\tile_bezel.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\blank.png 403a1s0ssssd7da.exe File created C:\Program Files\Mozilla Firefox\fonts\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\eu\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification.ja_5.5.0.165303.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BOAT.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18214_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsHomePage.html 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\rtf_increaseindent.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\DigitalInk.jpg 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\OliveGreen.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\PresentationFramework.Aero.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Internet Explorer\en-US\DiagnosticsTap.dll.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Hand Prints.htm 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Shanghai 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00191_.WMF 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\Sounds\Things\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\dialogs\error_window.html 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\buttonUp_Off.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\en-US\wmplayer.exe.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_thunderstorm.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\en-US\js\service.js 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4-dark_win.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105292.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\GrayCheck\TAB_ON.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\INVITE.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-bg_flat_10_000000_40x100.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_windy.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.rcp_4.4.0.v20141007-2301\license.html 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN01184_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BD06102_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\EXCEL_F_COL.HXK 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\TWCUTLIN.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows NT\TableTextService\TableTextServiceAmharic.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jface.text.nl_zh_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Africa\Maputo 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\SUBMIT.JS 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\MCESidebarCtrl.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\settings.ini 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\api-ms-win-crt-string-l1-1-0.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Onix32.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\sw.pak 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\BOLDSTRI\THMBNAIL.PNG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BS01638_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107134.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGMN011.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\CALENDAR.DPV 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Mail\msoe.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Metlakatla 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE00693_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH03425I.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Stationery\1033\PAWPRINT.GIF 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\lua\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\ca\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\203x8subpicture.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\ParentMenuButtonIcon.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.runtime_3.10.0.v20140318-2214.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR18F.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Document Parts\1033\14\Built-In Building Blocks.dotx 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\ca\LC_MESSAGES\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\ShadesOfBlue.jpg 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\da.pak 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\Ole DB\en-US\oledb32r.dll.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-host_ja.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Chatham 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01181_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14532_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\symbols\symbase.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Atlantic\Faroe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Americana\TAB_OFF.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libcaf_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\drag.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.simpleconfigurator.nl_zh_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\InfoPathOM\InfoPathOMFormServices\InfoPathOMFormServicesV12\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\5.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_sv.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT+6 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.greychart.ui.zh_CN_5.5.0.165303.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD10256_.GIF 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft SQL Server Compact Edition\v3.5\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libadaptive_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18207_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access_output\libaccess_output_shout_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\Ole DB\en-US\msdasqlr.dll.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\btn-previous-static.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Zaporozhye 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jetty.io_8.1.14.v20131031.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0196142.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\IEAWSDC.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OIS.EXE 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\MST 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\IN00118_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0293828.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18255_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\BCSEvents.man 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\include\win32\bridge\AccessBridgeCallbacks.h 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.update.configurator_3.3.300.v20140518-1928.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01852_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\an\LC_MESSAGES\vlc.mo 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\flyout_background.png 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Indian\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.databinding.beans.nl_zh_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\core\locale\com-sun-tools-visualvm-modules-startup_ja.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0216112.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR50B.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\NEWS.txt 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AMT\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACEOLEDB.DLL 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\include\win32\bridge\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.osgi.services_3.4.0.v20140312-2051.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BS00078_.WMF 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\plugins\spu\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_hr.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\az.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-core-multiview.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Midway 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Black Tie.eftx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14583_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\203x8subpicture.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Horizon.eftx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OneNote\SendToOneNOteFilter.dll 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\ink\1.7\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\ado\msado26.tlb 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_box_top.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waxing-crescent.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Photo Viewer\PhotoViewer.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\msadc\msdaprst.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\com.jrockit.mc.rjmx.actionProvider.exsd 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ecf.provider.filetransfer.ssl_1.0.0.v20140827-1444.jar 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\BrightYellow\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\NL7Lexicons0011.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0102762.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME26.CSS 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\ff\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Google\Update\Install\{5DF2DCA9-BD54-4513-9B32-2C551D72B961}\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\system_s.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MEDIA\SUCTION.WAV 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL027.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PROOF\MSSP7EN.LEX 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\el\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\ROMANIAN.TXT 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.IdentityModel.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\rss_headline_glow_docked.png 403a1s0ssssd7da.exe File created C:\Program Files\Internet Explorer\SIGNUP\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\tools.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Indiana\Marengo 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\BORDERS\MSART3.BDR 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Americana\TAB_OFF.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\rtf_increaseindent.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.COM.CN.XML 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\1033\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\WindowsAccessBridge-64.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.components.ui.zh_CN_5.5.0.165303.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Samara 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0239955.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0341534.JPG 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Grayscale.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_gray_rainy.png 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\ext\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.extensionlocation.nl_ja_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-host-remote_ja.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099186.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0200289.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\airappinstaller.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\en-US\js\highDpiImageSwap.js 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\META-INF\ECLIPSE_.RSA 403a1s0ssssd7da.exe File created C:\Program Files\Java\jre7\lib\cmm\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02054_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CONVERT\TRANSMGR.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\POST98SP.POC 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\EDGE\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.engine\profileRegistry\JMC.profile\1423861240811.profile.gz 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\play_rest.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\Ole DB\oledbjvs.inc 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\STS2\TAB_ON.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\fa\LC_MESSAGES\vlc.mo 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\flyoutBack.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\en-US\weather.html 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\HxRuntime.HxS 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\diner_s.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\feature.properties 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\index.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0106124.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Premium.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\PROGRAM.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-autoupdate-ui.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD00074_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\ZoomIcons.jpg 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.IdentityModel.Selectors.dll 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\BLUEPRNT\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099166.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107364.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\Events.accdt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libvdr_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\win\CP1253.TXT 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\oledb32r.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Services\verisign.bmp 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\javap.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107450.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE03453_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsTemplates\Hardware Tracker.fdt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\fontmanager.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Slipstream.thmx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR24F.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\validation.js 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0187893.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Solstice.eftx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18249_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\EDGE\EDGE.ELM 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\WATER\WATER.ELM 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\16_9-frame-highlight.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ql_2.0.100.v20131211-1531.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Guam 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PARNT_07.MID 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18239_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\REPTWIZ.POC 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_mosaic_bridge_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_lt.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_iw.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\ta.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AG00154_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN00965_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD01193_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\lg\LC_MESSAGES\vlc.mo 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\en-US\sbdrop.dll.mui 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\Adobe\Help\en_US\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\en-US\MSTTSFrontendENU.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\orbd.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.reconciler.dropins.nl_zh_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\POSTITL.ICO 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\NL7MODELS000A.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\TALK21.COM.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Maputo 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\LICENSE 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Smart Tag\MOFL.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Whitehorse 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00438_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTO\ActionsPane3.xsd 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\DW\DBGHELP.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Efate 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD15185_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Biscay\TAB_OFF.GIF 403a1s0ssssd7da.exe File created C:\Program Files\Windows Journal\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\META-INF\ECLIPSE_.SF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Yellowknife 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02094_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OneNote\SendtoOneNoteFilter.gpd 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_output\libdirectsound_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0101861.BMP 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Istanbul 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.jarprocessor_1.0.300.v20131211-1531.jar 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\lib\deployed\jdk15\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-print.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00985_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_chroma\librv32_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\en-US\WMPMediaSharing.dll.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\timer_down.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\config\Modules\org-netbeans-lib-profiler-ui.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01148_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0285750.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\INFOPATH_F_COL.HXK 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\dialogs\batch_window.html 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\STSUCRES.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR51F.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Sync Framework\v1.0\Runtime\x64\resources\1033\Synchronization.rll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Media Player\WMPMediaSharing.dll 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\Bear_Formatted_RGB6_PAL.wmv 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Magadan 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02091_.WMF 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\ADDINS\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_left_pressed.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\item_hover_flyout.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\BackupConnect.midi 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107492.WMF 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\FORMS\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ONFILTER.DLL 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Defender\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\validation.js 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libgrey_yuv_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\pencht.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\DEEPBLUE\THMBNAIL.PNG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.core.commands.nl_ja_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SY01252_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME49.CSS 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR4F.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\VSTOMessageProvider.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsColorChart.html 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ecf.identity_3.4.0.v20140827-1444.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\currency.data 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD01660_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH00612_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Newsprint.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE02950_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Media Player\Media Renderer\DMR_48.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-io_zh_CN.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Africa\Algiers 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Median.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\IPMS.ICO 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Mail\msoe.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\41.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\hwruklm.dat 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_hu.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-keyring.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE02282_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Clarity.eftx 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\email_initiator.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_search_up_BIDI.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jmc.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.felix.gogo.shell_0.10.0.v201212101605.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\META-INF\ECLIPSE_.SF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0183328.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PPINTL.DLL.IDX_DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\org-netbeans-modules-profiler-attach.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\DOC.CFG 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\trash.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\OISINTL.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\EntityPicker.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\wsimport.exe 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\configuration\org.eclipse.update\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\META-INF\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.console.nl_ja_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01301_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\en-US\DVDMaker.exe.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\META-INF\ECLIPSE_.SF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Riga 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14866_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\DataType\Phone.accft 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\uk.pak 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\120DPI\(120DPI)notConnectedStateIcon.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-application-views.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00391_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Metro.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Speech.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Qatar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0101863.BMP 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ACCWIZ.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-bg_highlight-soft_75_ffe45c_1x100.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Internet Explorer\IEShims.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\libxml2.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Bibliography\Style\APA.XSL 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\IDTemplates\ENU\AdobeID.pdf 403a1s0ssssd7da.exe File created C:\Program Files (x86)\MSBuild\Microsoft\Windows Workflow Foundation\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1033\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\management.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\dropins\README.TXT 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\images\Audio-48.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\XML Files\grvschema.xsd 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\skins\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\2.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.core\cache\artifacts.xml 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\lib\deployed\jdk16\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-masterfs-nio2_ja.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PPINTL.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PROTTPLN.DOC 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\msadcer.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.core.di_1.4.0.v20140414-1837.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\ext\locale\updater_zh_CN.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-jvmstat_ja.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0386120.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\JAVA_01.MID 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0386764.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\TR00178_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ff\LC_MESSAGES\vlc.mo 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libdemux_chromecast_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\ZoneInfoMappings 403a1s0ssssd7da.exe File created C:\Program Files\Java\jre7\lib\zi\Antarctica\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FRENCH.LNG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\button_right_disable.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\en-US\js\localizedStrings.js 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows NT\Accessories\WordpadFilter.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\SATIN\THMBNAIL.PNG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\TR00126_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\HEADINGBB.DPV 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR42F.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\Xlate_Init.xsn 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\misc\libaddonsfsstorage_plugin.dll 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\META-INF\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HM00172_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0089992.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01219_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21423_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\120DPI\(120DPI)greenStateIcon.png 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\system_settings.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\css\settings.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Access.en-us\AccessMUISet.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-core-kit_zh_CN.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18189_.WMF 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\1033\Bibliography\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ADDINS\BCSAddin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\EXCEL.HXS 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsBrowserUpgrade.html 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\PROGRAM.DPV 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\NavigationUp_ButtonGraphic.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.win32.win32.x86_64_1.1.200.v20141007-2033\about.html 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-selector-ui_ja.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00208_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\OFFICE10.MMW 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\rss.gif 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\Packages\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\sk.pak 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\cronometer_m.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\jfxrt.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BD10890_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGREPFRM.DPV 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_am.dll 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows NT\Accessories\en-US\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\AlertImage_Auto.jpg 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\en-US\msdaorar.dll.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Cave_Drawings.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOInstallerUI.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105412.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR20F.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBWZINT.REST.IDX_DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Choibalsan 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\core\core.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-openide-text.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Biscay\TAB_OFF.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\ApothecaryMergeLetter.dotx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\WORDICON.EXE 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\boxed-join.avi 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Brussels 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01628_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21308_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\CALENDAR.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.metadata.repository_1.2.100.v20131209-2144.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Bibliography\Style\ISO690.XSL 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\plugins\packetizer\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\bin\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.transport.ecf_1.1.0.v20140408-1354.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\SCDREQS.ICO 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\15.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\SY______.PFB 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\graph_down.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-progress-ui.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-favorites.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0216724.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_output\libwaveout_plugin.dll 403a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\config\Modules\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR5F.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolIcons\OutDomain.ico 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\AppConfigurationInternal.zip 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsViewTemplate.html 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\it\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\add_up.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR3B.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\CERT98SP.POC 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGATNGET.DPV 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Mazatlan 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\deploy\messages.properties 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0228959.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0235241.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\EntityPickerIntl.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\update-settings.ini 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02886_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Biscay.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\ro.pak 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\Microsoft.Build.Utilities.v3.5.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\hint_over.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\mr.pak 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MSOHTMED.EXE 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.extensionlocation.nl_zh_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0289430.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\SCDCNCLS.ICO 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGSTORYVERT.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\xmlrwbin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\SpecialNavigationUp_ButtonGraphic.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0086420.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\INVITE.DPV 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\BHOINTL.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\29.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\OriginMergeLetter.Dotx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libaccess_realrtsp_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AdobeCollabSync.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\passport_mask_right.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.addons.swt_1.1.1.v20140903-0821.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\deploy.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\FLYER98.POC 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\gd\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Cartridges\sql70.xsl 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\UIAutomationClient.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Seoul 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18222_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14829_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\utilityfunctions.js 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_a52_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\EmbeddedView.jpg 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OARTCONV.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ml\LC_MESSAGES\vlc.mo 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\BLUECALM\PREVIEW.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\ado\msadomd.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Bishkek 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0168644.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0386267.JPG 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\js\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\images\dial_sml.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\QuickStyles\Traditional.dotx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\libGLESv2.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Workflow.Runtime.dll 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\dropins\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.simpleconfigurator.manipulator.nl_zh_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\SystemV\YST9 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GRAPH_COL.HXC 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR1F.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\fy\LC_MESSAGES\vlc.mo 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\Gadget_Main_Gradient.png 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\SpeechEngines\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\spu\libsubsdelay_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02465_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Newsprint.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Microsoft.Office.BusinessApplications.RuntimeUi.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\ga.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages_zh_HK.properties 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\com.jrockit.mc.rjmx.descriptorProvider.exsd 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\boot.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02009_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\OUTLOOK.DEV_K_COL.HXK 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Media Player\en-US\wmlaunch.exe.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.ds_1.4.200.v20131126-2331.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\St_Johns 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AG00171_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0187817.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD15034_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSTORE.HXS 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PROTTPLN.XLS 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\AddInSideAdapters\Microsoft.VisualStudio.Tools.Applications.AddInAdapter.v9.0.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Proof.en\Proof.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Oral 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD21311_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSACCESS.DEV_K_COL.HXK 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSACCESS_F_COL.HXK 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\WidevineCdm\_platform_specific\win_x64\widevinecdm.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\11.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\YST9 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.di_1.0.0.v20140328-2112.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\BORDERS\MSART13.BDR 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Denver 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Newsprint.eftx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\eu\LC_MESSAGES\vlc.mo 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\2052\hxdsui.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-new.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\sunmscapi.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Novokuznetsk 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-autoupdate-services_zh_CN.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libaccess_concat_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe\Updater6\AdobeUpdaterInstallMgr.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\rmid.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\North_Dakota\New_Salem 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Oriel.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\LoginTool24x24ImagesMask.bmp 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libadjust_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD01074_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\playlist\twitch.luac 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\27.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\MyriadPro-It.otf 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\open_original_form.gif 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Microsoft Visual Studio 8\VSTA\Bin\1033\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\NavigationUp_SelectionSubpicture.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE00050_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\TR00006_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\LINES.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\SIDEBARVERTBB.POC 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\modern_dot.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Dubai 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO01236_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Pushpin.thmx 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Americana\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\WINWORD.DEV_K_COL.HXK 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\Module.zip 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD00261_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152602.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Origin.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21302_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\librawvid_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\en-US\js\settings.js 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\VGX\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Eurosti.TTF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0185790.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO01785_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\nssckbi.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Sitka 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\mux\libmux_mpjpeg_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\system_dot.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libmpg123_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\numbers\numbase.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\EnterEdit.htm 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Adak 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0227419.JPG 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\tr\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\zh-changjei.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\feature.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107514.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15020_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSPUB_K_COL.HXK 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\VisualElements\LogoDev.png 403a1s0ssssd7da.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\javafx-iio.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-charts_ja.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\unpack.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01434_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-bg_glass_65_ffffff_1x400.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\WriteExport.odp 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\zh-TW\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Metlakatla 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Antarctica\Casey 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00555_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\SUBMIT.JS 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_left_hover.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\turnOffNotificationInTray.gif 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\System\ado\en-US\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\TravelIntroToMain.wmv 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\TravelIntroToMain_PAL.wmv 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\BrightOrange\BUTTON.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\text_renderer\libtdummy_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsTemplates\Process Library.fdt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\GrooveFormsMetaData.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libaribcam_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\hwruksh.dat 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACEODEXL.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\FLTLDR.EXE 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02753U.BMP 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\AlertImage_ContactHigh.jpg 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD00372_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105520.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\utilityfunctions.js 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi422_i420_plugin.dll 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\PrivateAssemblies\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Ust-Nera 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01015_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02074U.BMP 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\en-US\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\settings.html 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_gray_foggy.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\en-US\clock.html 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\TextConv\en-US\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Analysis Services\AS OLEDB\10\Resources\1033\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105246.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0297727.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libfluidsynth_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152892.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0287415.WMF 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Help\1046\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOLoaderUI.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\NavigationLeft_SelectionSubpicture.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ui.nl_zh_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-sampler_ja.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\prism-d3d.dll 403a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Shared Gadgets\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\Hx.HxC 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\grid_(cm).wmf 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\META-INF\ECLIPSE_.RSA 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0199303.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\ONELEV.EXE 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\VIEWBY.GIF 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\MSInfo\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\PassportMask.wmv 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107500.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\requests\playlist.xml 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\tl\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\librawvideo_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\tr-TR\tipresx.dll.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\security\java.policy 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00012_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\TN00014_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\LABEL.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\libGLESv2.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0341439.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE00049_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD14996_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\LoanAmortization.xltx 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\README.html 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Brussels 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AG00158_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Smart Tag\LISTS\BASMLA.XSL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\16_9-frame-overlay.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\security\javafx.policy 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\META-INF\MANIFEST.MF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-filesystems.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0153514.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SPRNG_01.MID 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\ACCOLKI.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\DISTLIST.CFG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\meta_engine\libfolder_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libdiracsys_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AG00176_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SCHOL_02.MID 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Oasis\HEADER.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\CHECKBOX.JPG 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\brx\LC_MESSAGES\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0382836.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0240695.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Solutions\Generic.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\mset7ge.kic 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\fa\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\accessibility.properties 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN01173_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\DiscussionToolIconImagesMask.bmp 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\NavigationLeft_SelectionSubpicture.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\Parity.fx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\San_Luis 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.core.feature_1.3.0.v20140523-0116\feature.properties 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.mbeanbrowser.zh_CN_5.5.0.165303.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\COMBOBOX.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\Documentation.url 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_blue_snow.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\InfoPathOM\InfoPathOMFormServices\Microsoft.Office.InfoPath.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OLKIRMV.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\4.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipsrus.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Norfolk 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-host-remote.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Yakutat 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0101859.BMP 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\SubsetList\Client.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\120DPI\(120DPI)redStateIcon.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Heart_ButtonGraphic.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Johannesburg 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.core.feature_1.3.0.v20140523-0116\license.html 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\win7TSFrame.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\wmpshare.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_right_disabled.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\shuffle_up.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-options-api_zh_CN.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-progress-ui_zh_CN.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\lib\jfluid-server-15.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\HEADING.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\validation.js 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\on_desktop\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\EssentialMergeLetter.dotx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Inuvik 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Managua 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\ACCTBOX.POC 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\LTHD98SP.POC 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\Charitable Contributions.accdt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Noronha 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\OFFOWCI.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\images\speaker-32.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libhqdn3d_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\in_sidebar\bg_sidebar.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\brt55.ths 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Paramaribo 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02264_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBBA\MSPUB10.BDR 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGWEBCAL.DPV 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libspatialaudio_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Media Player\mpvis.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\3.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\zh-TW\tipresx.dll.mui 403a1s0ssssd7da.exe File created C:\Program Files\Java\jre7\lib\ext\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0148798.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00388_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Defender\MpOAV.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libstereo_widen_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Denver 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Dawson_Creek 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR50F.GIF 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\lua\modules\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\el\LC_MESSAGES\vlc.mo 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\203x8subpicture.png 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\ne\LC_MESSAGES\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\diner_settings.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\base_jpn.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\asl-v20.txt 403a1s0ssssd7da.exe File created C:\Program Files\Mozilla Firefox\browser\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\MinionPro-BoldIt.otf 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\TextConv\WksConv\Wkconv.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Filters\odffilt.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyMainToNotesBackground.wmv 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14756_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR26F.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Stationery\1033\NOTEBOOK.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\grid_(inch).wmf 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Argentina\Jujuy 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE00668_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\RECL.ICO 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\button_left.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\jvm.hprof.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01157_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14565_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\RESEND.CFG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGCINFO.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.osgi.nl_zh_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0297551.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\SpringGreen\BUTTON.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\sk.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Bucharest 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0106020.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR41F.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Shades of Blue.htm 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\template.msi 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Speech.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\js\slideShow.js 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\next_rest.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\14\BIN\FPSRVUTL.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Anchorage 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107744.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL095.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_left_hover.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\browser\features\[email protected] 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\eBook.api 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\bg-desk.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\SATIN\SATIN.INF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Gibraltar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-settings.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0387882.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\AlertImage_MediumMAsk.bmp 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUB6INTL.DLL.IDX_DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Internet Explorer\images\bing.ico 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Boa_Vista 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.concurrent_1.1.0.v20130327-1442.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099165.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0241037.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\eo.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Darwin 403a1s0ssssd7da.exe File opened for modification C:\Program Files\RegisterRemove.wmx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked-loading.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\template.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Galapagos 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\nbexec64.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\MessageBoxIconImages.jpg 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\button_mid_over.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\120DPI\(120DPI)redStateIcon.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\SpringGreen\TAB_ON.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ADDINS\OUTEX2.ECF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\api-ms-win-crt-math-l1-1-0.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\45.png 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\ar-SA\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\AFTRNOON\PREVIEW.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\blackbars60.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_blue_sun.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Peacock.htm 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Green Bubbles.htm 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-application-views.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02053J.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\J0115865.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Eula.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libvoc_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsMainBackground.wmv 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ecf.provider.filetransfer_3.2.200.v20140827-1444.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01268_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Verve.thmx 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099183.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_right_hover.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\RIPPLE\RIPPLE.INF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Dawson 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Tallinn 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\META-INF\ECLIPSE_.SF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\nbexec.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099199.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SY00170_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Wordcnvr.dll 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\am\LC_MESSAGES\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Mail\wab.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\timer_up.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AdobeUpdater.dll 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\Contracts\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\JavaAccessBridge-64.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\SystemV\YST9YDT 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02752U.BMP 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ASCIIENG.LNG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\WebToolImagesMask16x16.bmp 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\DvdTransform.fx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\CST6CDT 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\digest.s 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_it.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Memo.emf 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\IN00046_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0098497.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02127_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ky\LC_MESSAGES\vlc.mo 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PTXT9.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\SendMail.api 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipssve.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\Catamarca 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-keyring.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\org-openide-util.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0212661.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\images\dialdot_lrg.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Seoul 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AG00120_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BD19582_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02025_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ACCWIZ\ACWZUSR12.ACCDU 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-heapdump.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Microsoft.Office.BusinessData.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGLINACC.DPV 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\vcruntime140.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_close_up.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\jfr.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\sound.properties 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105320.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0198102.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\IPIRMV.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE00563_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\de\LC_MESSAGES\vlc.mo 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libopus_plugin.dll 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\el-GR\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\SKY\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office.en-us\SETUP.CHM 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\header-background.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0195254.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libmjpeg_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\win\CP1252.TXT 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\WORDREP.DPV 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Sync Framework\v1.0\Runtime\x64\Microsoft.Synchronization.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\shuffle_down.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\TextConv\Wks9Pxy.cnv 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\NavigationUp_ButtonGraphic.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jhat.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\msadc\adcvbs.inc 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.flightrecorder.controlpanel.ui.configuration_5.5.0.165303.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD14800_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ar-SA\tipresx.dll.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipsnld.xml 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\FREN\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Smart Tag\IETAG.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\IRIS\IRIS.INF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\bg_FormsHomePage.gif 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\br\LC_MESSAGES\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows NT\TableTextService\TableTextServiceSimplifiedShuangPin.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\kn.pak 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\CommsOutgoingImageSmall.jpg 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\gu\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\misc\libstats_plugin.dll 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\TextConv\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\mshwgst.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\SpecialNavigationLeft_ButtonGraphic.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Atlantic\Azores 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Angles.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Annotations\Stamps\Words.pdf 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\msdaosp.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Temp\GUM2396.tmp\GoogleUpdateSetup.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\icon.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\QuickStyles\Default.dotx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\SecretST.TTF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Prague 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105398.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107282.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0156537.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0088542.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0221903.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\47.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\RMNSQUE\PREVIEW.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\passport.png 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\plugins\services_discovery\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\vlc-cache-gen.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Defender\en-US\MpEvMsg.dll.mui 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\swiftshader\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\css\flyout.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_de_DE.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0185796.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Black Tie.thmx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\WinFXList.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\Skins\Revert.wmz 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\ka\LC_MESSAGES\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\en-US\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Printing.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\PIXEL\PIXEL.ELM 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Tarawa 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0341559.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CSS7DATA000C.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGCAL.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PSSKETSM.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB02229_.GIF 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Stationery\1033\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libidummy_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\SCHDRESP.CFG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\VIEW.ICO 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_left_rest.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.text.nl_zh_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02897J.JPG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02269_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01241_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR43F.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\alertIcon.png 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\javafx.properties 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Prague 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Indian\Cocos 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01161_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\GKExcel.dll 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Google\CrashReports\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\bg-BG\tipresx.dll.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\triggerActions.exsd 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD21319_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\MENU.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\requests\playlist_jstree.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Analysis Services\AS OLEDB\10\msolap100.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libpng_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Internet Explorer\ieproxy.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.engine.nl_zh_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-uisupport.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\AlertImage_High.jpg 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\decora-sse.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\JavaAccessBridge-64.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\J0143753.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\SMIMEE.CFG 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Multimedia\MPP\Real.mpp 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\api-ms-win-core-file-l2-1-0.dll 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\pt-PT\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Argentina\Salta 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Australia\Lindeman 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0199475.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD21370_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\browser\features\[email protected] 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\prev_rest.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\jfr.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BS00440_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Clarity.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR27F.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\SpringGreen\BUTTON.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\oskpred.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01680_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\IA32.api 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\MyriadPro-Bold.otf 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_left_pressed.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Media Player\en-US\setup_wm.exe.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\server\Xusage.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00911_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15019_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\BrightYellow\TAB_OFF.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\AccessibleHandler.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\FLASH.NET.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\VVIEWDWG.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\io.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\STRTEDGE\PREVIEW.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-heapdump_ja.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105328.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Library\Analysis\ATPVBAEN.XLAM 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\IPSEventLogMsg.dll.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGTEAR.DPV 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\meta\art\03_lastfm.luac 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_mpegaudio_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\InvokeReceive.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-templates.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0304861.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access_output\libaccess_output_http_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Portable Devices\sqmapi.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\RSSITEML.ICO 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\SlateBlue.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGBOXES.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACEODTXT.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Publisher.en-us\PublisherMUI.XML 403a1s0ssssd7da.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\core\org-openide-filesystems.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CONVERT\OLADD.FAE 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGPUNCT.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\LogTransport2.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\distribute_form.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\on_desktop\slideshow_glass_frame.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Smart Tag\LISTS\1033\PHONE.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Lima 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD00361_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Module.thmx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Library\SOLVER\SOLVER32.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\en-US\js\localizedStrings.js 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Khandyga 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.widgets.nl_zh_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BD00141_.WMF 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\fy\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\PresentationCore.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\POWERPNT.DEV_F_COL.HXK 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolIcons\TOOLICON.ICO 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MYSL.ICO 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Title_Page_PAL.wmv 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\jfr\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jabswitch.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Asuncion 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD00077_.WMF 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Google\Policies\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages_es.properties 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Kathmandu 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-util-enumerations.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD02097_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libedgedetection_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.osgi.compatibility.state_1.0.1.v20140709-1414.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\management\jmxremote.password.template 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\TR00233_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PROOF\MSTH7ES.LEX 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\IRIS\PREVIEW.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\1047x576black.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00668_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_right_disabled.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\images\dialdot_lrg.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\AccessWeb\SERVWRAP.ASP 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\rtf_alignleft.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\SATIN\PREVIEW.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\sysinfo.bat 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0185828.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0196374.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14581_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME05.CSS 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\25.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\OIS_COL.HXC 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.help.base.nl_ja_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Simferopol 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR30F.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\ONENOTE\14\Stationery\BLANK.ONE 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\Services\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099184.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02024_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0252349.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CONVERT\1033\OLNOTER.FAE 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\plugins\logger\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_left_pressed.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\css\picturePuzzle.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\grayStateIcon.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\ExecutiveLetter.dotx 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00483_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME25.CSS 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Data.Services.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_gray_cloudy.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.renderers.swt.nl_zh_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099181.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105378.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBWZINT.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\en-US\mpvis.dll.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\mscss7cm_en.dub 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Journal\Templates\Memo.jtp 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\BLUEPRNT\BLUEPRNT.ELM 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\highlight.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\ext\meta-index 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0400002.PNG 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Desert.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Internet Explorer\networkinspection.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.Extensions.Design.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\NavigationLeft_SelectionSubpicture.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02752G.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\BrightOrange\TAB_OFF.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME11.CSS 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\EXITEML.ICO 403a1s0ssssd7da.exe File created C:\Program Files\Java\jre7\lib\zi\Europe\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0239973.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\PublicFunctions.js 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_rtp_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-swing-tabcontrol.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Slate\TAB_OFF.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libbluescreen_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AXSLE.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02291U.BMP 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\rtf_bullets.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\ERROR.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\SpringGreen\TAB_OFF.GIF 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\be\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BS00439_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152878.WMF 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Americana\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Music.emf 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\EVRGREEN\EVRGREEN.INF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\javaws.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Vladivostok 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-core-ui.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0186360.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.FR.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\pl.pak 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\3.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\unpack200.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD00096_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\DataServices\FOLDER.ICO 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libpsychedelic_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Internet Explorer\F12Tools.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\5.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\security\local_policy.jar 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.core.feature_1.3.0.v20140523-0116\META-INF\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.rcp_5.5.0.165303\feature.properties 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\intf\cli.luac 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_h264_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\TipRes.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Postage_ButtonGraphic.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Kuching 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\VelvetRose.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Internet Explorer\iexplore.exe 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\bg.pak 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Internet Explorer\sqmapi.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Amsterdam 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Palau 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\ONINTL.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_bridge_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\SCHDREST.CFG 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\en-US\js\timeZones.js 403a1s0ssssd7da.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.e4.rcp_1.3.100.v20141007-2033\feature.properties 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.bindings.nl_ja_4.4.0.v20140623020002.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4_basestyle.css 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\J0143749.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0238983.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02092_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Icons\FDFFile_8.ico 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\msmdlocal.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\J0115835.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGMN010.XML 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\NEWS11.POC 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\PIXEL\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\libxslt.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD00419_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0160590.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0239967.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\144DPI\(144DPI)notConnectedStateIcon.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\GRAPH.ICO 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_blue_sun.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\NavigationLeft_SelectionSubpicture.png 403a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_divider_right.png 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Internet Explorer\en-US\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-jmx.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\TR00494_.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\CommsIncomingImageMask.bmp 403a1s0ssssd7da.exe File created C:\Program Files\MSBuild\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Locales\hi.pak 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\RICEPAPR\PREVIEW.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\MSB1STAR.DLL 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Creston 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BS00186_.WMF 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Templates\1033\Access\Part\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\VisualElements\SmallLogoDev.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.bidi_0.10.0.v20130327-1442.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\BORDERS\MSART10.BDR 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libmagnify_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105384.WMF 403a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\lua\intf\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Internet Explorer\JSProfilerCore.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Desert\HEADER.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libspeex_plugin.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll 403a1s0ssssd7da.exe File created C:\Program Files\Java\jre7\lib\zi\Australia\Read_Me.txt 403a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Templates\1033\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\penkor.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-swing-plaf.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Puerto_Rico 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01748_.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSPUB_COL.HXC 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\WSSFilesToolIconImagesMask.bmp 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0198494.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\BabyBlue\HEADER.GIF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Cartridges\msjet.xsl 403a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Excel.en-us\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Notes_INTRO_BG_PAL.wmv 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_zh_4.4.0.v20140623020002\feature.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.emf.common_2.10.1.v20140901-1043.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\net.properties 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Multimedia\MPP\MCIMPP.mpp 403a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\whitevignette1047.png 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\kcms.dll 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.http.servlet_1.1.500.v20140318-1755.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-threaddump.xml 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0086426.WMF 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\chrome.exe.sig 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Graph.emf 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\preface.htm 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\javax.servlet_3.0.0.v201112011016.jar 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0238333.WMF 403a1s0ssssd7da.exe File created C:\Program Files (x86)\Google\Update\1.3.35.452\Read_Me.txt 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\msadc\en-US\msadcor.dll.mui 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\plugin.properties 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\org-netbeans-modules-core-kit.xml_hidden 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\images\cursors\win32_MoveNoDrop32x32.gif 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD21325_.GIF 403a1s0ssssd7da.exe -
Suspicious use of SetThreadContext 1 IoCs
description pid Process procid_target PID 1156 set thread context of 1508 1156 403a1s0ssssd7da.exe 24 -
Suspicious use of AdjustPrivilegeToken 37 IoCs
description pid Process Token: SeShutdownPrivilege 1952 explorer.exe Token: SeShutdownPrivilege 1952 explorer.exe Token: SeShutdownPrivilege 1952 explorer.exe Token: SeShutdownPrivilege 1952 explorer.exe Token: SeShutdownPrivilege 1952 explorer.exe Token: SeShutdownPrivilege 1952 explorer.exe Token: SeShutdownPrivilege 1952 explorer.exe Token: SeShutdownPrivilege 1952 explorer.exe Token: SeShutdownPrivilege 1952 explorer.exe Token: SeShutdownPrivilege 1952 explorer.exe Token: SeShutdownPrivilege 592 explorer.exe Token: SeShutdownPrivilege 592 explorer.exe Token: SeShutdownPrivilege 592 explorer.exe Token: SeShutdownPrivilege 592 explorer.exe Token: SeShutdownPrivilege 592 explorer.exe Token: SeShutdownPrivilege 592 explorer.exe Token: SeShutdownPrivilege 592 explorer.exe Token: SeShutdownPrivilege 592 explorer.exe Token: SeShutdownPrivilege 1320 explorer.exe Token: SeShutdownPrivilege 1320 explorer.exe Token: SeShutdownPrivilege 1320 explorer.exe Token: SeShutdownPrivilege 1320 explorer.exe Token: SeShutdownPrivilege 1320 explorer.exe Token: SeShutdownPrivilege 1320 explorer.exe Token: SeShutdownPrivilege 1320 explorer.exe Token: SeShutdownPrivilege 1320 explorer.exe Token: SeShutdownPrivilege 1320 explorer.exe Token: SeShutdownPrivilege 1216 explorer.exe Token: SeShutdownPrivilege 1216 explorer.exe Token: SeShutdownPrivilege 1216 explorer.exe Token: SeShutdownPrivilege 1216 explorer.exe Token: SeShutdownPrivilege 1216 explorer.exe Token: SeShutdownPrivilege 1216 explorer.exe Token: SeShutdownPrivilege 1216 explorer.exe Token: SeShutdownPrivilege 1216 explorer.exe Token: SeShutdownPrivilege 1216 explorer.exe Token: SeShutdownPrivilege 1216 explorer.exe -
Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
-
Drops startup file 1 IoCs
description ioc Process File created C:\Users\Admin\AppData\Roaming\Microsoft\Word\STARTUP\Read_Me.txt 403a1s0ssssd7da.exe -
Drops desktop.ini file(s) 41 IoCs
description ioc Process File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Desktop.ini 403a1s0ssssd7da.exe File opened for modification C:\Users\Admin\AppData\Local\Microsoft\Feeds Cache\TGVUK4BG\desktop.ini 403a1s0ssssd7da.exe File opened for modification C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\desktop.ini 403a1s0ssssd7da.exe File opened for modification C:\Users\Admin\Contacts\desktop.ini 403a1s0ssssd7da.exe File opened for modification C:\Users\Public\Music\desktop.ini 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Desktop.ini 403a1s0ssssd7da.exe File opened for modification C:\Program Files\desktop.ini 403a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\DataServices\DESKTOP.INI 403a1s0ssssd7da.exe File opened for modification C:\Users\Public\Videos\desktop.ini 403a1s0ssssd7da.exe File opened for modification C:\Users\Public\Videos\Sample Videos\desktop.ini 403a1s0ssssd7da.exe File opened for modification C:\Users\Admin\Saved Games\desktop.ini 403a1s0ssssd7da.exe File opened for modification C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini 403a1s0ssssd7da.exe File opened for modification C:\Users\Public\Music\Sample Music\desktop.ini 403a1s0ssssd7da.exe File opened for modification C:\Users\Public\Pictures\Sample Pictures\desktop.ini 403a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\desktop.ini 403a1s0ssssd7da.exe File opened for modification C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini 403a1s0ssssd7da.exe File opened for modification C:\Users\Admin\Documents\desktop.ini 403a1s0ssssd7da.exe File opened for modification C:\Users\Public\Documents\desktop.ini 403a1s0ssssd7da.exe File opened for modification \??\M:\$RECYCLE.BIN\S-1-5-21-1131729243-447456001-3632642222-1000\desktop.ini explorer.exe File opened for modification C:\Users\Admin\Desktop\desktop.ini 403a1s0ssssd7da.exe File opened for modification C:\Users\Admin\Links\desktop.ini 403a1s0ssssd7da.exe File opened for modification C:\Users\Admin\Music\desktop.ini 403a1s0ssssd7da.exe File opened for modification C:\Users\Admin\Pictures\desktop.ini 403a1s0ssssd7da.exe File opened for modification C:\Users\Admin\Searches\desktop.ini 403a1s0ssssd7da.exe File opened for modification C:\Users\Admin\AppData\Local\Microsoft\Feeds Cache\AJM03J3Y\desktop.ini 403a1s0ssssd7da.exe File opened for modification C:\Users\Admin\AppData\Local\Microsoft\Feeds Cache\desktop.ini 403a1s0ssssd7da.exe File opened for modification C:\Users\Admin\AppData\Local\Microsoft\Feeds Cache\ZMLBLRQ7\desktop.ini 403a1s0ssssd7da.exe File opened for modification C:\Users\Public\desktop.ini 403a1s0ssssd7da.exe File opened for modification C:\Users\Public\Downloads\desktop.ini 403a1s0ssssd7da.exe File opened for modification C:\Users\Admin\Downloads\desktop.ini 403a1s0ssssd7da.exe File opened for modification C:\Users\Admin\Favorites\Links for United States\desktop.ini 403a1s0ssssd7da.exe File opened for modification C:\Users\Public\Desktop\desktop.ini 403a1s0ssssd7da.exe File opened for modification C:\Users\Public\Pictures\desktop.ini 403a1s0ssssd7da.exe File opened for modification C:\Users\Public\Recorded TV\desktop.ini 403a1s0ssssd7da.exe File opened for modification C:\Users\Public\Recorded TV\Sample Media\desktop.ini 403a1s0ssssd7da.exe File opened for modification C:\Users\Admin\AppData\Local\Microsoft\Feeds Cache\RBDIK06K\desktop.ini 403a1s0ssssd7da.exe File opened for modification C:\Users\Admin\AppData\Local\Microsoft\Windows Mail\Stationery\Desktop.ini 403a1s0ssssd7da.exe File opened for modification C:\Users\Admin\Favorites\Links\desktop.ini 403a1s0ssssd7da.exe File opened for modification C:\Users\Admin\Favorites\desktop.ini 403a1s0ssssd7da.exe File opened for modification C:\Users\Admin\Videos\desktop.ini 403a1s0ssssd7da.exe File opened for modification C:\Users\Public\Libraries\desktop.ini 403a1s0ssssd7da.exe -
Suspicious use of FindShellTrayWindow 96 IoCs
pid Process 1952 explorer.exe 1952 explorer.exe 1952 explorer.exe 1952 explorer.exe 1952 explorer.exe 1952 explorer.exe 1952 explorer.exe 1952 explorer.exe 1952 explorer.exe 1952 explorer.exe 1952 explorer.exe 1952 explorer.exe 1952 explorer.exe 1952 explorer.exe 1952 explorer.exe 1952 explorer.exe 1952 explorer.exe 1952 explorer.exe 1952 explorer.exe 1952 explorer.exe 1952 explorer.exe 1952 explorer.exe 1952 explorer.exe 1952 explorer.exe 1952 explorer.exe 1952 explorer.exe 592 explorer.exe 592 explorer.exe 592 explorer.exe 592 explorer.exe 592 explorer.exe 592 explorer.exe 592 explorer.exe 1320 explorer.exe 1320 explorer.exe 1320 explorer.exe 1320 explorer.exe 1320 explorer.exe 1320 explorer.exe 1320 explorer.exe 1320 explorer.exe 1320 explorer.exe 1320 explorer.exe 1320 explorer.exe 1320 explorer.exe 1320 explorer.exe 1320 explorer.exe 1320 explorer.exe 1320 explorer.exe 1320 explorer.exe 1320 explorer.exe 1320 explorer.exe 1320 explorer.exe 1320 explorer.exe 1320 explorer.exe 1320 explorer.exe 1320 explorer.exe 1320 explorer.exe 1320 explorer.exe 1320 explorer.exe 1320 explorer.exe 1320 explorer.exe 1320 explorer.exe 1320 explorer.exe 1320 explorer.exe 1320 explorer.exe 1320 explorer.exe 1320 explorer.exe 1320 explorer.exe 1320 explorer.exe 1216 explorer.exe 1216 explorer.exe 1216 explorer.exe 1216 explorer.exe 1216 explorer.exe 1216 explorer.exe 1216 explorer.exe 1216 explorer.exe 1216 explorer.exe 1216 explorer.exe 1216 explorer.exe 1216 explorer.exe 1216 explorer.exe 1216 explorer.exe 1216 explorer.exe 1216 explorer.exe 1216 explorer.exe 1216 explorer.exe 1216 explorer.exe 1216 explorer.exe 1216 explorer.exe 1216 explorer.exe 1216 explorer.exe 1216 explorer.exe 1216 explorer.exe 1216 explorer.exe -
Suspicious use of SendNotifyMessage 112 IoCs
pid Process 1952 explorer.exe 1952 explorer.exe 1952 explorer.exe 1952 explorer.exe 1952 explorer.exe 1952 explorer.exe 1952 explorer.exe 1952 explorer.exe 1952 explorer.exe 1952 explorer.exe 1952 explorer.exe 1952 explorer.exe 1952 explorer.exe 1952 explorer.exe 1952 explorer.exe 1952 explorer.exe 1952 explorer.exe 1952 explorer.exe 1952 explorer.exe 1952 explorer.exe 1952 explorer.exe 1952 explorer.exe 1952 explorer.exe 1952 explorer.exe 1952 explorer.exe 1952 explorer.exe 1952 explorer.exe 1952 explorer.exe 1952 explorer.exe 592 explorer.exe 592 explorer.exe 592 explorer.exe 592 explorer.exe 592 explorer.exe 592 explorer.exe 592 explorer.exe 592 explorer.exe 592 explorer.exe 592 explorer.exe 592 explorer.exe 592 explorer.exe 592 explorer.exe 1320 explorer.exe 1320 explorer.exe 1320 explorer.exe 1320 explorer.exe 1320 explorer.exe 1320 explorer.exe 1320 explorer.exe 1320 explorer.exe 1320 explorer.exe 1320 explorer.exe 1320 explorer.exe 1320 explorer.exe 1320 explorer.exe 1320 explorer.exe 1320 explorer.exe 1320 explorer.exe 1320 explorer.exe 1320 explorer.exe 1320 explorer.exe 1320 explorer.exe 1320 explorer.exe 1320 explorer.exe 1320 explorer.exe 1320 explorer.exe 1320 explorer.exe 1320 explorer.exe 1320 explorer.exe 1320 explorer.exe 1320 explorer.exe 1320 explorer.exe 1320 explorer.exe 1320 explorer.exe 1320 explorer.exe 1320 explorer.exe 1320 explorer.exe 1320 explorer.exe 1320 explorer.exe 1320 explorer.exe 1216 explorer.exe 1216 explorer.exe 1216 explorer.exe 1216 explorer.exe 1216 explorer.exe 1216 explorer.exe 1216 explorer.exe 1216 explorer.exe 1216 explorer.exe 1216 explorer.exe 1216 explorer.exe 1216 explorer.exe 1216 explorer.exe 1216 explorer.exe 1216 explorer.exe 1216 explorer.exe 1216 explorer.exe 1216 explorer.exe 1216 explorer.exe 1216 explorer.exe 1216 explorer.exe 1216 explorer.exe 1216 explorer.exe 1216 explorer.exe 1216 explorer.exe 1216 explorer.exe 1216 explorer.exe 1216 explorer.exe 1216 explorer.exe 1216 explorer.exe 1216 explorer.exe 1216 explorer.exe -
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process 1320 explorer.exe -
Enumerates connected drives 3 TTPs
-
Suspicious behavior: EnumeratesProcesses 4528 IoCs
pid Process 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe 1508 403a1s0ssssd7da.exe -
Modifies registry class 20 IoCs
description ioc Process Set value (data) \REGISTRY\USER\S-1-5-21-1131729243-447456001-3632642222-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = ffffffff explorer.exe Key created \REGISTRY\USER\S-1-5-21-1131729243-447456001-3632642222-1000_Classes\Local Settings explorer.exe Key created \REGISTRY\USER\S-1-5-21-1131729243-447456001-3632642222-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell explorer.exe Key created \REGISTRY\USER\S-1-5-21-1131729243-447456001-3632642222-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU explorer.exe Key created \REGISTRY\USER\S-1-5-21-1131729243-447456001-3632642222-1000_Classes\Local Settings explorer.exe Key created \REGISTRY\USER\S-1-5-21-1131729243-447456001-3632642222-1000_Classes\Local Settings explorer.exe Key created \REGISTRY\USER\S-1-5-21-1131729243-447456001-3632642222-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell explorer.exe Key created \REGISTRY\USER\S-1-5-21-1131729243-447456001-3632642222-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU explorer.exe Set value (data) \REGISTRY\USER\S-1-5-21-1131729243-447456001-3632642222-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = ffffffff explorer.exe Set value (data) \REGISTRY\USER\S-1-5-21-1131729243-447456001-3632642222-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots explorer.exe Key created \REGISTRY\USER\S-1-5-21-1131729243-447456001-3632642222-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell explorer.exe Set value (data) \REGISTRY\USER\S-1-5-21-1131729243-447456001-3632642222-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots explorer.exe Key created \REGISTRY\USER\S-1-5-21-1131729243-447456001-3632642222-1000_Classes\Local Settings explorer.exe Set value (data) \REGISTRY\USER\S-1-5-21-1131729243-447456001-3632642222-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots explorer.exe Key created \REGISTRY\USER\S-1-5-21-1131729243-447456001-3632642222-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell explorer.exe Set value (data) \REGISTRY\USER\S-1-5-21-1131729243-447456001-3632642222-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = ffffffff explorer.exe Key created \REGISTRY\USER\S-1-5-21-1131729243-447456001-3632642222-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU explorer.exe Set value (data) \REGISTRY\USER\S-1-5-21-1131729243-447456001-3632642222-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = ffffffff explorer.exe Key created \REGISTRY\USER\S-1-5-21-1131729243-447456001-3632642222-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU explorer.exe Set value (data) \REGISTRY\USER\S-1-5-21-1131729243-447456001-3632642222-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots explorer.exe -
Modifies service 2 TTPs 6 IoCs
description ioc Process Key created \REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\NapAgent\Shas explorer.exe Key created \REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\NapAgent\Qecs explorer.exe Key created \REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\NapAgent\Shas explorer.exe Key created \REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\NapAgent\Qecs explorer.exe Key created \REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\NapAgent\Shas explorer.exe Key created \REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\NapAgent\Qecs explorer.exe
Processes
-
C:\Users\Admin\AppData\Local\Temp\403a1s0ssssd7da.exe"C:\Users\Admin\AppData\Local\Temp\403a1s0ssssd7da.exe"1⤵
- Suspicious use of WriteProcessMemory
- Suspicious use of SetThreadContext
PID:1156 -
C:\Users\Admin\AppData\Local\Temp\403a1s0ssssd7da.exe"{path}"2⤵
- Drops file in Program Files directory
- Drops startup file
- Drops desktop.ini file(s)
- Suspicious behavior: EnumeratesProcesses
PID:1508
-
-
C:\Windows\explorer.exeexplorer.exe1⤵
- Modifies Installed Components in the registry
- Suspicious use of AdjustPrivilegeToken
- Drops desktop.ini file(s)
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Modifies registry class
- Modifies service
PID:1952
-
C:\Windows\explorer.exeexplorer.exe1⤵
- Modifies Installed Components in the registry
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Modifies registry class
PID:592
-
C:\Windows\explorer.exeexplorer.exe1⤵
- Modifies Installed Components in the registry
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious behavior: GetForegroundWindowSpam
- Modifies registry class
- Modifies service
PID:1320
-
C:\Windows\explorer.exeexplorer.exe1⤵
- Modifies Installed Components in the registry
- Suspicious use of AdjustPrivilegeToken
- Modifies registry class
- Modifies service
PID:1216