Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
145s -
max time network
84s -
platform
windows7_x64 -
resource
win7v200430 -
submitted
09/07/2020, 17:19
Static task
static1
Behavioral task
behavioral1
Sample
700a1s0ssssd7da.exe
Resource
win7v200430
windows7_x64
0 signatures
0 seconds
Behavioral task
behavioral2
Sample
700a1s0ssssd7da.exe
Resource
win10
windows10_x64
0 signatures
0 seconds
General
-
Target
700a1s0ssssd7da.exe
-
Size
717KB
-
MD5
3dcb42c5e7545c629c30d501feb908d5
-
SHA1
9633e564b46262cc03cdd29dc1a7aec468c0757e
-
SHA256
24ca9e85cfc0b4303facfe25f920917937ed7d5cca7938362417599d8444e159
-
SHA512
62d7cc702fdbdd11931a652fdb59aaf65cea32eb2ce29029abdfa44eb3c47a4c8b13703b808a68d836b897f6371dcfa3afe3ec3c396f482397ebee99cd99baf2
Score
10/10
Malware Config
Extracted
Path
C:\MSOCache\All Users\{90140000-0011-0000-1000-0000000FF1CE}-C\Read_Me.txt
Ransom Note
Attention!
All your files, documents, photos, databases and other important files are encrypted
The only method of recovering files is to purchase an unique decryptor. Only we can give you this decryptor and only we can recover your files.
The server with your decryptor is in a closed network TOR. You can get there by the following ways:
----------------------------------------------------------------------------------------
1. Download Tor browser - https://www.torproject.org/
2. Install Tor browser
3. Open Tor Browser
4. Open link in TOR browser: http://7rzpyw3hflwe2c7h.onion/?LLLLLLLL
5. Follow the instructions on this page
----------------------------------------------------------------------------------------
On our page you will see instructions on payment and get the opportunity to decrypt 1 file for free.
Alternate communication channel here: http://helpqvrg3cc5mvb3.onion/
URLs
http://7rzpyw3hflwe2c7h.onion/?LLLLLLLL
http://helpqvrg3cc5mvb3.onion/
Signatures
-
Suspicious use of WriteProcessMemory 42 IoCs
description pid Process procid_target PID 1432 wrote to memory of 1708 1432 700a1s0ssssd7da.exe 26 PID 1432 wrote to memory of 1708 1432 700a1s0ssssd7da.exe 26 PID 1432 wrote to memory of 1708 1432 700a1s0ssssd7da.exe 26 PID 1432 wrote to memory of 1708 1432 700a1s0ssssd7da.exe 26 PID 1432 wrote to memory of 1708 1432 700a1s0ssssd7da.exe 26 PID 1432 wrote to memory of 1708 1432 700a1s0ssssd7da.exe 26 PID 1432 wrote to memory of 1708 1432 700a1s0ssssd7da.exe 26 PID 1432 wrote to memory of 1708 1432 700a1s0ssssd7da.exe 26 PID 1432 wrote to memory of 1708 1432 700a1s0ssssd7da.exe 26 PID 1432 wrote to memory of 1708 1432 700a1s0ssssd7da.exe 26 PID 1396 wrote to memory of 984 1396 msiexec.exe 30 PID 1396 wrote to memory of 984 1396 msiexec.exe 30 PID 1396 wrote to memory of 984 1396 msiexec.exe 30 PID 1396 wrote to memory of 984 1396 msiexec.exe 30 PID 1396 wrote to memory of 984 1396 msiexec.exe 30 PID 1396 wrote to memory of 1844 1396 msiexec.exe 31 PID 1396 wrote to memory of 1844 1396 msiexec.exe 31 PID 1396 wrote to memory of 1844 1396 msiexec.exe 31 PID 1396 wrote to memory of 1844 1396 msiexec.exe 31 PID 1396 wrote to memory of 1844 1396 msiexec.exe 31 PID 1396 wrote to memory of 1844 1396 msiexec.exe 31 PID 1396 wrote to memory of 1844 1396 msiexec.exe 31 PID 1396 wrote to memory of 916 1396 msiexec.exe 35 PID 1396 wrote to memory of 916 1396 msiexec.exe 35 PID 1396 wrote to memory of 916 1396 msiexec.exe 35 PID 1396 wrote to memory of 916 1396 msiexec.exe 35 PID 1396 wrote to memory of 916 1396 msiexec.exe 35 PID 1396 wrote to memory of 1852 1396 msiexec.exe 36 PID 1396 wrote to memory of 1852 1396 msiexec.exe 36 PID 1396 wrote to memory of 1852 1396 msiexec.exe 36 PID 1396 wrote to memory of 1852 1396 msiexec.exe 36 PID 1396 wrote to memory of 1852 1396 msiexec.exe 36 PID 1396 wrote to memory of 1852 1396 msiexec.exe 36 PID 1396 wrote to memory of 1852 1396 msiexec.exe 36 PID 1852 wrote to memory of 620 1852 MsiExec.exe 37 PID 1852 wrote to memory of 620 1852 MsiExec.exe 37 PID 1852 wrote to memory of 620 1852 MsiExec.exe 37 PID 1852 wrote to memory of 620 1852 MsiExec.exe 37 PID 620 wrote to memory of 1840 620 wevtutil.exe 39 PID 620 wrote to memory of 1840 620 wevtutil.exe 39 PID 620 wrote to memory of 1840 620 wevtutil.exe 39 PID 620 wrote to memory of 1840 620 wevtutil.exe 39 -
Suspicious behavior: EnumeratesProcesses 4530 IoCs
pid Process 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1708 700a1s0ssssd7da.exe 1396 msiexec.exe 1396 msiexec.exe -
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process 1572 explorer.exe -
Modifies service 2 TTPs 4 IoCs
description ioc Process Key created \REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\NapAgent\Shas explorer.exe Key created \REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\NapAgent\Qecs explorer.exe Key created \REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\NapAgent\Shas explorer.exe Key created \REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\NapAgent\Qecs explorer.exe -
Drops startup file 1 IoCs
description ioc Process File created C:\Users\Admin\AppData\Roaming\Microsoft\Word\STARTUP\Read_Me.txt 700a1s0ssssd7da.exe -
Suspicious use of FindShellTrayWindow 81 IoCs
pid Process 1220 explorer.exe 1220 explorer.exe 1220 explorer.exe 1220 explorer.exe 1220 explorer.exe 1220 explorer.exe 1220 explorer.exe 1220 explorer.exe 1220 explorer.exe 1220 explorer.exe 1220 explorer.exe 1220 explorer.exe 1220 explorer.exe 1220 explorer.exe 1220 explorer.exe 1220 explorer.exe 1220 explorer.exe 1220 explorer.exe 1220 explorer.exe 1220 explorer.exe 1220 explorer.exe 1220 explorer.exe 1220 explorer.exe 1220 explorer.exe 1220 explorer.exe 1220 explorer.exe 1220 explorer.exe 1620 explorer.exe 1620 explorer.exe 1620 explorer.exe 1620 explorer.exe 1620 explorer.exe 1620 explorer.exe 1620 explorer.exe 608 explorer.exe 608 explorer.exe 608 explorer.exe 608 explorer.exe 608 explorer.exe 608 explorer.exe 608 explorer.exe 608 explorer.exe 608 explorer.exe 608 explorer.exe 608 explorer.exe 608 explorer.exe 608 explorer.exe 608 explorer.exe 608 explorer.exe 608 explorer.exe 608 explorer.exe 608 explorer.exe 608 explorer.exe 608 explorer.exe 608 explorer.exe 608 explorer.exe 1572 explorer.exe 1572 explorer.exe 1572 explorer.exe 1572 explorer.exe 1572 explorer.exe 1572 explorer.exe 1572 explorer.exe 1572 explorer.exe 1572 explorer.exe 1572 explorer.exe 1572 explorer.exe 1572 explorer.exe 1572 explorer.exe 1572 explorer.exe 1572 explorer.exe 1572 explorer.exe 1572 explorer.exe 1572 explorer.exe 1572 explorer.exe 1572 explorer.exe 1572 explorer.exe 1572 explorer.exe 1572 explorer.exe 1572 explorer.exe 1572 explorer.exe -
Suspicious use of SendNotifyMessage 93 IoCs
pid Process 1220 explorer.exe 1220 explorer.exe 1220 explorer.exe 1220 explorer.exe 1220 explorer.exe 1220 explorer.exe 1220 explorer.exe 1220 explorer.exe 1220 explorer.exe 1220 explorer.exe 1220 explorer.exe 1220 explorer.exe 1220 explorer.exe 1220 explorer.exe 1220 explorer.exe 1220 explorer.exe 1220 explorer.exe 1220 explorer.exe 1220 explorer.exe 1220 explorer.exe 1220 explorer.exe 1220 explorer.exe 1220 explorer.exe 1220 explorer.exe 1220 explorer.exe 1220 explorer.exe 1220 explorer.exe 1620 explorer.exe 1620 explorer.exe 1620 explorer.exe 1620 explorer.exe 1620 explorer.exe 1620 explorer.exe 1620 explorer.exe 1620 explorer.exe 1620 explorer.exe 1620 explorer.exe 1620 explorer.exe 1620 explorer.exe 1620 explorer.exe 1620 explorer.exe 1620 explorer.exe 608 explorer.exe 608 explorer.exe 608 explorer.exe 608 explorer.exe 608 explorer.exe 608 explorer.exe 608 explorer.exe 608 explorer.exe 608 explorer.exe 608 explorer.exe 608 explorer.exe 608 explorer.exe 608 explorer.exe 608 explorer.exe 608 explorer.exe 608 explorer.exe 608 explorer.exe 608 explorer.exe 608 explorer.exe 608 explorer.exe 608 explorer.exe 1572 explorer.exe 1572 explorer.exe 1572 explorer.exe 1572 explorer.exe 1572 explorer.exe 1572 explorer.exe 1572 explorer.exe 1572 explorer.exe 1572 explorer.exe 1572 explorer.exe 1572 explorer.exe 1572 explorer.exe 1572 explorer.exe 1572 explorer.exe 1572 explorer.exe 1572 explorer.exe 1572 explorer.exe 1572 explorer.exe 1572 explorer.exe 1572 explorer.exe 1572 explorer.exe 1572 explorer.exe 1572 explorer.exe 1572 explorer.exe 1572 explorer.exe 1572 explorer.exe 1572 explorer.exe 1572 explorer.exe 1572 explorer.exe 1572 explorer.exe -
Loads dropped DLL 42 IoCs
pid Process 984 MsiExec.exe 984 MsiExec.exe 1844 MsiExec.exe 984 MsiExec.exe 984 MsiExec.exe 984 MsiExec.exe 984 MsiExec.exe 1844 MsiExec.exe 984 MsiExec.exe 984 MsiExec.exe 984 MsiExec.exe 984 MsiExec.exe 984 MsiExec.exe 984 MsiExec.exe 984 MsiExec.exe 1844 MsiExec.exe 984 MsiExec.exe 1844 MsiExec.exe 984 MsiExec.exe 984 MsiExec.exe 1844 MsiExec.exe 1844 MsiExec.exe 1844 MsiExec.exe 1844 MsiExec.exe 1844 MsiExec.exe 1844 MsiExec.exe 984 MsiExec.exe 984 MsiExec.exe 984 MsiExec.exe 984 MsiExec.exe 984 MsiExec.exe 916 MsiExec.exe 916 MsiExec.exe 916 MsiExec.exe 916 MsiExec.exe 916 MsiExec.exe 916 MsiExec.exe 916 MsiExec.exe 1852 MsiExec.exe 916 MsiExec.exe 916 MsiExec.exe 916 MsiExec.exe -
Registers COM server for autorun 1 TTPs 24 IoCs
description ioc Process Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{31411228-a502-11d2-bbca-00c04f8ec294}\InprocServer32 msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{31411228-a502-11d2-bbca-00c04f8ec294}\InprocServer32\ThreadingModel = "Apartment" msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{31411219-a502-11d2-bbca-00c04f8ec294}\InprocServer32 msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{31411219-a502-11d2-bbca-00c04f8ec294}\InprocServer32\ = "C:\\Program Files\\Common Files\\Microsoft Shared\\Help\\hxds.dll" msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{31411198-a502-11d2-bbca-00c04f8ec294}\InprocServer32\ThreadingModel = "Apartment" msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{31411198-a502-11d2-bbca-00c04f8ec294}\InprocServer32 msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{31411228-a502-11d2-bbca-00c04f8ec294}\InprocServer32 msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{314111f0-a502-11d2-bbca-00c04f8ec294}\InprocServer32\ = "C:\\Program Files\\Common Files\\Microsoft Shared\\Help\\hxds.dll" msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{314111f7-a502-11d2-bbca-00c04f8ec294}\InprocServer32 msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{314111f7-a502-11d2-bbca-00c04f8ec294}\InprocServer32\ = "C:\\Program Files\\Common Files\\Microsoft Shared\\Help\\hxds.dll" msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{314111c7-a502-11d2-bbca-00c04f8ec294}\InprocServer32\ThreadingModel = "Apartment" msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{31411198-a502-11d2-bbca-00c04f8ec294}\InprocServer32 msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{31411219-a502-11d2-bbca-00c04f8ec294}\InprocServer32 msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{314111f0-a502-11d2-bbca-00c04f8ec294}\InprocServer32 msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{314111f0-a502-11d2-bbca-00c04f8ec294}\InprocServer32 msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{314111f7-a502-11d2-bbca-00c04f8ec294}\InprocServer32\ThreadingModel = "Apartment" msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{31411219-a502-11d2-bbca-00c04f8ec294}\InprocServer32\ThreadingModel = "Apartment" msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{314111c7-a502-11d2-bbca-00c04f8ec294}\InprocServer32\ = "C:\\Program Files\\Common Files\\Microsoft Shared\\Help\\hxds.dll" msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{31411198-a502-11d2-bbca-00c04f8ec294}\InprocServer32\ = "C:\\Program Files\\Common Files\\Microsoft Shared\\Help\\hxds.dll" msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{314111c7-a502-11d2-bbca-00c04f8ec294}\InprocServer32 msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{314111f7-a502-11d2-bbca-00c04f8ec294}\InprocServer32 msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{314111f0-a502-11d2-bbca-00c04f8ec294}\InprocServer32\ThreadingModel = "Apartment" msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{31411228-a502-11d2-bbca-00c04f8ec294}\InprocServer32\ = "C:\\Program Files\\Common Files\\Microsoft Shared\\Help\\hxds.dll" msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{314111c7-a502-11d2-bbca-00c04f8ec294}\InprocServer32 msiexec.exe -
Modifies data under HKEY_USERS 3 IoCs
description ioc Process Key deleted \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\24\52C64B7E msiexec.exe Key deleted \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\24 msiexec.exe Key created \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\25 msiexec.exe -
Drops file in Windows directory 44 IoCs
description ioc Process File opened for modification C:\Windows\Installer\MSI423A.tmp msiexec.exe File opened for modification C:\Windows\Installer\MSI8126.tmp msiexec.exe File created C:\Windows\Installer\2a3fb.mst msiexec.exe File opened for modification C:\Windows\Installer\MSIA784.tmp msiexec.exe File opened for modification C:\Windows\Installer\MSIB77F.tmp msiexec.exe File opened for modification C:\Windows\Installer\MSI1CD7.tmp msiexec.exe File opened for modification C:\Windows\Installer\MSI3F4A.tmp msiexec.exe File opened for modification C:\Windows\Installer\MSICD9.tmp msiexec.exe File opened for modification C:\Windows\Installer\MSI118D.tmp msiexec.exe File opened for modification C:\Windows\Installer\MSI1851.tmp msiexec.exe File opened for modification C:\Windows\Installer\MSIBAAC.tmp msiexec.exe File opened for modification C:\Windows\Installer\MSIBD3C.tmp msiexec.exe File opened for modification C:\Windows\Installer\MSIBEB3.tmp msiexec.exe File opened for modification C:\Windows\Installer\MSID282.tmp msiexec.exe File opened for modification C:\Windows\Installer\MSI75C.tmp msiexec.exe File opened for modification C:\Windows\Installer\MSI1E8D.tmp msiexec.exe File opened for modification C:\Windows\Installer\MSI3F7A.tmp msiexec.exe File opened for modification C:\Windows\Installer\MSI43E0.tmp msiexec.exe File opened for modification C:\Windows\Installer\MSI779D.tmp msiexec.exe File opened for modification C:\Windows\Installer\MSIB5E9.tmp msiexec.exe File opened for modification C:\Windows\Installer\ msiexec.exe File opened for modification C:\Windows\Installer\MSI7B58.tmp msiexec.exe File opened for modification C:\Windows\Installer\MSI7EC4.tmp msiexec.exe File opened for modification C:\Windows\Installer\MSID468.tmp msiexec.exe File opened for modification C:\Windows\Installer\MSID56.tmp msiexec.exe File opened for modification C:\Windows\Installer\MSI117C.tmp msiexec.exe File opened for modification C:\Windows\Installer\MSI3C8A.tmp msiexec.exe File opened for modification C:\Windows\Installer\MSI7DB9.tmp msiexec.exe File opened for modification C:\Windows\Installer\MSID34E.tmp msiexec.exe File created C:\Windows\Installer\2a3fe.ipi msiexec.exe File opened for modification C:\Windows\Installer\MSI1C69.tmp msiexec.exe File opened for modification C:\Windows\Installer\MSI3E7E.tmp msiexec.exe File opened for modification C:\Windows\Installer\2a3fb.mst msiexec.exe File opened for modification C:\Windows\Installer\MSIA9B7.tmp msiexec.exe File opened for modification C:\Windows\Installer\MSI7F70.tmp msiexec.exe File opened for modification C:\Windows\Installer\MSI8A3C.tmp msiexec.exe File opened for modification C:\Windows\Installer\2a3fe.ipi msiexec.exe File opened for modification C:\Windows\Installer\MSIAB2E.tmp msiexec.exe File opened for modification C:\Windows\Installer\MSI8867.tmp msiexec.exe File opened for modification C:\Windows\Installer\MSI529.tmp msiexec.exe File opened for modification C:\Windows\Installer\MSI1BDB.tmp msiexec.exe File opened for modification C:\Windows\Installer\MSI23FA.tmp msiexec.exe File opened for modification C:\Windows\Installer\MSI41FA.tmp msiexec.exe File opened for modification C:\Windows\Installer\MSI780C.tmp msiexec.exe -
Suspicious use of SetThreadContext 1 IoCs
description pid Process procid_target PID 1432 set thread context of 1708 1432 700a1s0ssssd7da.exe 26 -
Drops desktop.ini file(s) 41 IoCs
description ioc Process File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Desktop.ini 700a1s0ssssd7da.exe File opened for modification C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini 700a1s0ssssd7da.exe File opened for modification C:\Users\Admin\Documents\desktop.ini 700a1s0ssssd7da.exe File opened for modification C:\Users\Public\Music\desktop.ini 700a1s0ssssd7da.exe File opened for modification C:\Users\Public\Videos\Sample Videos\desktop.ini 700a1s0ssssd7da.exe File opened for modification \??\M:\$RECYCLE.BIN\S-1-5-21-910373003-3952921535-3480519689-1000\desktop.ini explorer.exe File opened for modification C:\Users\Admin\AppData\Local\Microsoft\Feeds Cache\desktop.ini 700a1s0ssssd7da.exe File opened for modification C:\Users\Admin\Music\desktop.ini 700a1s0ssssd7da.exe File opened for modification C:\Users\Admin\Videos\desktop.ini 700a1s0ssssd7da.exe File opened for modification C:\Users\Admin\AppData\Local\Microsoft\Windows Mail\Stationery\Desktop.ini 700a1s0ssssd7da.exe File opened for modification C:\Users\Admin\Favorites\desktop.ini 700a1s0ssssd7da.exe File opened for modification C:\Users\Admin\Favorites\Links for United States\desktop.ini 700a1s0ssssd7da.exe File opened for modification C:\Users\Public\Libraries\desktop.ini 700a1s0ssssd7da.exe File opened for modification C:\Users\Public\Music\Sample Music\desktop.ini 700a1s0ssssd7da.exe File opened for modification C:\Users\Public\Videos\desktop.ini 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\DataServices\DESKTOP.INI 700a1s0ssssd7da.exe File opened for modification C:\Users\Admin\Searches\desktop.ini 700a1s0ssssd7da.exe File opened for modification C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini 700a1s0ssssd7da.exe File opened for modification C:\Users\Public\Pictures\Sample Pictures\desktop.ini 700a1s0ssssd7da.exe File opened for modification C:\Users\Public\Recorded TV\desktop.ini 700a1s0ssssd7da.exe File opened for modification C:\Program Files\desktop.ini 700a1s0ssssd7da.exe File opened for modification C:\Users\Admin\AppData\Local\Microsoft\Feeds Cache\ZDAW0I3Y\desktop.ini 700a1s0ssssd7da.exe File opened for modification C:\Users\Admin\Contacts\desktop.ini 700a1s0ssssd7da.exe File opened for modification C:\Users\Admin\Desktop\desktop.ini 700a1s0ssssd7da.exe File opened for modification C:\Users\Admin\Favorites\Links\desktop.ini 700a1s0ssssd7da.exe File opened for modification C:\Users\Admin\Pictures\desktop.ini 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Desktop.ini 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\desktop.ini 700a1s0ssssd7da.exe File opened for modification C:\Users\Admin\AppData\Local\Microsoft\Feeds Cache\IQD6DIKV\desktop.ini 700a1s0ssssd7da.exe File opened for modification C:\Users\Admin\Downloads\desktop.ini 700a1s0ssssd7da.exe File opened for modification C:\Users\Admin\Saved Games\desktop.ini 700a1s0ssssd7da.exe File opened for modification C:\Users\Public\Documents\desktop.ini 700a1s0ssssd7da.exe File opened for modification C:\Users\Admin\AppData\Local\Microsoft\Feeds Cache\LUBVL9MG\desktop.ini 700a1s0ssssd7da.exe File opened for modification C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\desktop.ini 700a1s0ssssd7da.exe File opened for modification C:\Users\Public\Desktop\desktop.ini 700a1s0ssssd7da.exe File opened for modification C:\Users\Public\Pictures\desktop.ini 700a1s0ssssd7da.exe File opened for modification C:\Users\Admin\AppData\Local\Microsoft\Feeds Cache\5Q8AAMSB\desktop.ini 700a1s0ssssd7da.exe File opened for modification C:\Users\Admin\Links\desktop.ini 700a1s0ssssd7da.exe File opened for modification C:\Users\Public\desktop.ini 700a1s0ssssd7da.exe File opened for modification C:\Users\Public\Downloads\desktop.ini 700a1s0ssssd7da.exe File opened for modification C:\Users\Public\Recorded TV\Sample Media\desktop.ini 700a1s0ssssd7da.exe -
Enumerates connected drives 3 TTPs
-
Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
-
Suspicious use of AdjustPrivilegeToken 1005 IoCs
description pid Process Token: SeShutdownPrivilege 1220 explorer.exe Token: SeShutdownPrivilege 1220 explorer.exe Token: SeShutdownPrivilege 1220 explorer.exe Token: SeShutdownPrivilege 1220 explorer.exe Token: SeShutdownPrivilege 1220 explorer.exe Token: SeShutdownPrivilege 1220 explorer.exe Token: SeShutdownPrivilege 1220 explorer.exe Token: SeShutdownPrivilege 1220 explorer.exe Token: SeShutdownPrivilege 1220 explorer.exe Token: SeIncreaseQuotaPrivilege 1220 explorer.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeSecurityPrivilege 1396 msiexec.exe Token: SeCreateTokenPrivilege 1220 explorer.exe Token: SeAssignPrimaryTokenPrivilege 1220 explorer.exe Token: SeLockMemoryPrivilege 1220 explorer.exe Token: SeIncreaseQuotaPrivilege 1220 explorer.exe Token: SeMachineAccountPrivilege 1220 explorer.exe Token: SeTcbPrivilege 1220 explorer.exe Token: SeSecurityPrivilege 1220 explorer.exe Token: SeTakeOwnershipPrivilege 1220 explorer.exe Token: SeLoadDriverPrivilege 1220 explorer.exe Token: SeSystemProfilePrivilege 1220 explorer.exe Token: SeSystemtimePrivilege 1220 explorer.exe Token: SeProfSingleProcessPrivilege 1220 explorer.exe Token: SeIncBasePriorityPrivilege 1220 explorer.exe Token: SeCreatePagefilePrivilege 1220 explorer.exe Token: SeCreatePermanentPrivilege 1220 explorer.exe Token: SeBackupPrivilege 1220 explorer.exe Token: SeRestorePrivilege 1220 explorer.exe Token: SeShutdownPrivilege 1220 explorer.exe Token: SeDebugPrivilege 1220 explorer.exe Token: SeAuditPrivilege 1220 explorer.exe Token: SeSystemEnvironmentPrivilege 1220 explorer.exe Token: SeChangeNotifyPrivilege 1220 explorer.exe Token: SeRemoteShutdownPrivilege 1220 explorer.exe Token: SeUndockPrivilege 1220 explorer.exe Token: SeSyncAgentPrivilege 1220 explorer.exe Token: SeEnableDelegationPrivilege 1220 explorer.exe Token: SeManageVolumePrivilege 1220 explorer.exe Token: SeImpersonatePrivilege 1220 explorer.exe Token: SeCreateGlobalPrivilege 1220 explorer.exe Token: SeShutdownPrivilege 1220 explorer.exe Token: SeShutdownPrivilege 1220 explorer.exe Token: SeShutdownPrivilege 1220 explorer.exe Token: SeShutdownPrivilege 1220 explorer.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeShutdownPrivilege 1620 explorer.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeShutdownPrivilege 1620 explorer.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeShutdownPrivilege 1620 explorer.exe Token: SeShutdownPrivilege 1620 explorer.exe Token: SeShutdownPrivilege 1620 explorer.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeShutdownPrivilege 1620 explorer.exe Token: SeShutdownPrivilege 1620 explorer.exe Token: SeShutdownPrivilege 1620 explorer.exe Token: SeShutdownPrivilege 608 explorer.exe Token: SeShutdownPrivilege 608 explorer.exe Token: SeShutdownPrivilege 608 explorer.exe Token: SeShutdownPrivilege 608 explorer.exe Token: SeShutdownPrivilege 608 explorer.exe Token: SeShutdownPrivilege 608 explorer.exe Token: SeShutdownPrivilege 608 explorer.exe Token: SeShutdownPrivilege 608 explorer.exe Token: SeShutdownPrivilege 608 explorer.exe Token: SeIncreaseQuotaPrivilege 608 explorer.exe Token: SeCreateTokenPrivilege 608 explorer.exe Token: SeAssignPrimaryTokenPrivilege 608 explorer.exe Token: SeLockMemoryPrivilege 608 explorer.exe Token: SeIncreaseQuotaPrivilege 608 explorer.exe Token: SeMachineAccountPrivilege 608 explorer.exe Token: SeTcbPrivilege 608 explorer.exe Token: SeSecurityPrivilege 608 explorer.exe Token: SeTakeOwnershipPrivilege 608 explorer.exe Token: SeLoadDriverPrivilege 608 explorer.exe Token: SeSystemProfilePrivilege 608 explorer.exe Token: SeSystemtimePrivilege 608 explorer.exe Token: SeProfSingleProcessPrivilege 608 explorer.exe Token: SeIncBasePriorityPrivilege 608 explorer.exe Token: SeCreatePagefilePrivilege 608 explorer.exe Token: SeCreatePermanentPrivilege 608 explorer.exe Token: SeBackupPrivilege 608 explorer.exe Token: SeRestorePrivilege 608 explorer.exe Token: SeShutdownPrivilege 608 explorer.exe Token: SeDebugPrivilege 608 explorer.exe Token: SeAuditPrivilege 608 explorer.exe Token: SeSystemEnvironmentPrivilege 608 explorer.exe Token: SeChangeNotifyPrivilege 608 explorer.exe Token: SeRemoteShutdownPrivilege 608 explorer.exe Token: SeUndockPrivilege 608 explorer.exe Token: SeSyncAgentPrivilege 608 explorer.exe Token: SeEnableDelegationPrivilege 608 explorer.exe Token: SeManageVolumePrivilege 608 explorer.exe Token: SeImpersonatePrivilege 608 explorer.exe Token: SeCreateGlobalPrivilege 608 explorer.exe Token: SeShutdownPrivilege 608 explorer.exe Token: SeShutdownPrivilege 608 explorer.exe Token: SeShutdownPrivilege 608 explorer.exe Token: SeShutdownPrivilege 608 explorer.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeShutdownPrivilege 608 explorer.exe Token: SeShutdownPrivilege 608 explorer.exe Token: SeShutdownPrivilege 608 explorer.exe Token: SeShutdownPrivilege 608 explorer.exe Token: SeShutdownPrivilege 1572 explorer.exe Token: SeShutdownPrivilege 1572 explorer.exe Token: SeShutdownPrivilege 1572 explorer.exe Token: SeShutdownPrivilege 1572 explorer.exe Token: SeShutdownPrivilege 1572 explorer.exe Token: SeShutdownPrivilege 1572 explorer.exe Token: SeShutdownPrivilege 1572 explorer.exe Token: SeShutdownPrivilege 1572 explorer.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeShutdownPrivilege 1572 explorer.exe Token: SeShutdownPrivilege 1572 explorer.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeSecurityPrivilege 620 wevtutil.exe Token: SeBackupPrivilege 620 wevtutil.exe Token: SeSecurityPrivilege 1840 wevtutil.exe Token: SeBackupPrivilege 1840 wevtutil.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe Token: SeRestorePrivilege 1396 msiexec.exe Token: SeTakeOwnershipPrivilege 1396 msiexec.exe -
Modifies Installed Components in the registry 2 TTPs 4 IoCs
description ioc Process Key created \REGISTRY\USER\S-1-5-21-910373003-3952921535-3480519689-1000\Software\Microsoft\Active Setup\Installed Components explorer.exe Key created \REGISTRY\USER\S-1-5-21-910373003-3952921535-3480519689-1000\Software\Microsoft\Active Setup\Installed Components explorer.exe Key created \REGISTRY\USER\S-1-5-21-910373003-3952921535-3480519689-1000\Software\Microsoft\Active Setup\Installed Components explorer.exe Key created \REGISTRY\USER\S-1-5-21-910373003-3952921535-3480519689-1000\Software\Microsoft\Active Setup\Installed Components explorer.exe -
Modifies registry class 234 IoCs
description ioc Process Key created \REGISTRY\MACHINE\Software\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111e2-a502-11d2-bbca-00c04f8ec294}\Programmable msiexec.exe Key created \REGISTRY\USER\S-1-5-21-910373003-3952921535-3480519689-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU explorer.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{31411219-a502-11d2-bbca-00c04f8ec294}\TypeLib msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{31411228-a502-11d2-bbca-00c04f8ec294} msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{000C0601-0000-0000-C000-000000000046}\TypeLib msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\xmlfile\shell\edit\command msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{31411228-a502-11d2-bbca-00c04f8ec294}\Programmable\ msiexec.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\HTMLHelp msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111e2-a502-11d2-bbca-00c04f8ec294}\InprocServer32\ = "C:\\Program Files\\Common Files\\Microsoft Shared\\Help\\hxds.dll" msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111db-a502-11d2-bbca-00c04f8ec294}\Programmable msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{314111f7-a502-11d2-bbca-00c04f8ec294}\Implemented Categories msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\xmlfile\shell\edit msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{31411228-a502-11d2-bbca-00c04f8ec294}\Programmable msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111bd-a502-11d2-bbca-00c04f8ec294}\InprocServer32\ThreadingModel = "Apartment" msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111bd-a502-11d2-bbca-00c04f8ec294}\InprocServer32 msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{314111f0-a502-11d2-bbca-00c04f8ec294}\ProgID\ = "HxDs.HxRegistryWalker.1" msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{31411228-a502-11d2-bbca-00c04f8ec294}\TypeLib msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ = "Help HxProtocol" msiexec.exe Key created \REGISTRY\USER\S-1-5-21-910373003-3952921535-3480519689-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU explorer.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111e2-a502-11d2-bbca-00c04f8ec294}\Implemented Categories msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{000C0601-0000-0000-C000-000000000046}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}" msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111bd-a502-11d2-bbca-00c04f8ec294}\ProgID\ = "HxDs.HxRegister.1" msiexec.exe Key created \REGISTRY\USER\S-1-5-21-910373003-3952921535-3480519689-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU explorer.exe Key created \REGISTRY\MACHINE\Software\Classes\xmlfile\shell\edit msiexec.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\xmlfile\ShellEx msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{314111f0-a502-11d2-bbca-00c04f8ec294}\VersionIndependentProgID\ = "HxDs.HxRegistryWalker" msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111db-a502-11d2-bbca-00c04f8ec294}\Implemented Categories\ msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{31411228-a502-11d2-bbca-00c04f8ec294}\ProgID\ = "HxDS.HxRegisterProtocol.1" msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{31411228-a502-11d2-bbca-00c04f8ec294}\Implemented Categories msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111e2-a502-11d2-bbca-00c04f8ec294}\Implemented Categories\ msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111bd-a502-11d2-bbca-00c04f8ec294}\VersionIndependentProgID msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{31411198-a502-11d2-bbca-00c04f8ec294}\TypeLib msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{000C0601-0000-0000-C000-000000000046} msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\xmlfile\shell\open\command\ = "\"C:\\Program Files\\Common Files\\Microsoft Shared\\OFFICE14\\MSOXMLED.EXE\" /verb open \"%1\"" msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{31411228-a502-11d2-bbca-00c04f8ec294}\TypeLib\ = "{31411197-a502-11d2-bbca-00c04f8ec294}" msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{31411198-a502-11d2-bbca-00c04f8ec294}\Implemented Categories msiexec.exe Set value (data) \REGISTRY\USER\S-1-5-21-910373003-3952921535-3480519689-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots explorer.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{31411198-a502-11d2-bbca-00c04f8ec294}\ProgID\ = "HxDS.HxSession.1" msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111db-a502-11d2-bbca-00c04f8ec294}\InprocServer32 msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111e2-a502-11d2-bbca-00c04f8ec294}\InprocServer32 msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\xmlfile\shell\edit\command msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111e2-a502-11d2-bbca-00c04f8ec294} msiexec.exe Key created \REGISTRY\USER\S-1-5-21-910373003-3952921535-3480519689-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell explorer.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{314111f0-a502-11d2-bbca-00c04f8ec294}\ProgID msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{314111c7-a502-11d2-bbca-00c04f8ec294}\Programmable\ msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{000C0601-0000-0000-C000-000000000046}\ProxyStubClsid msiexec.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\SOFTWARE msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111e2-a502-11d2-bbca-00c04f8ec294}\TypeLib\ = "{31411199-a502-11d2-bbca-00c04f8ec294}" msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111db-a502-11d2-bbca-00c04f8ec294}\InprocServer32 msiexec.exe Set value (data) \REGISTRY\USER\S-1-5-21-910373003-3952921535-3480519689-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots explorer.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{31411219-a502-11d2-bbca-00c04f8ec294} msiexec.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\xmlfile msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{000C0601-0000-0000-C000-000000000046}\TypeLib\ = "{C04E4E5E-89E6-43C0-92BD-D3F2C7FBA5C4}" msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\xmlfile\ShellEx\IconHandler msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{000C0601-0000-0000-C000-000000000046}\ = "IDummyOleComponentManager" msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111bd-a502-11d2-bbca-00c04f8ec294} msiexec.exe Set value (data) \REGISTRY\USER\S-1-5-21-910373003-3952921535-3480519689-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = ffffffff explorer.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{C04E4E5E-89E6-43C0-92BD-D3F2C7FBA5C4}\1.0\0 msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\TypeLib\{C04E4E5E-89E6-43C0-92BD-D3F2C7FBA5C4}\1.0 msiexec.exe Key created \REGISTRY\USER\S-1-5-21-910373003-3952921535-3480519689-1000_Classes\Local Settings explorer.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{314111f0-a502-11d2-bbca-00c04f8ec294}\Programmable\ msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{31411198-a502-11d2-bbca-00c04f8ec294}\TypeLib\ = "{31411197-a502-11d2-bbca-00c04f8ec294}" msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\xmlfile\DefaultIcon msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{C04E4E5E-89E6-43C0-92BD-D3F2C7FBA5C4}\1.0\0\win64\ = "C:\\Program Files\\Microsoft Office\\Office14\\ADDINS\\otkloadr_x64.dll" msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{314111f0-a502-11d2-bbca-00c04f8ec294}\ProgID msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{31411219-a502-11d2-bbca-00c04f8ec294} msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{31411219-a502-11d2-bbca-00c04f8ec294}\Programmable msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{000C0601-0000-0000-C000-000000000046}\TypeLib\Version = "1.0" msiexec.exe Key created \REGISTRY\USER\S-1-5-21-910373003-3952921535-3480519689-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell explorer.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111bd-a502-11d2-bbca-00c04f8ec294}\ProgID msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111db-a502-11d2-bbca-00c04f8ec294}\Programmable msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111db-a502-11d2-bbca-00c04f8ec294}\VersionIndependentProgID msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\xmlfile\shell\open msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\TypeLib\{C04E4E5E-89E6-43C0-92BD-D3F2C7FBA5C4} msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{C04E4E5E-89E6-43C0-92BD-D3F2C7FBA5C4}\1.0\ = "Microsoft Visual Studio Tools for the Microsoft Office System Loader 1.0 Type Library" msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111e2-a502-11d2-bbca-00c04f8ec294}\ProgID msiexec.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0 msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111db-a502-11d2-bbca-00c04f8ec294}\VersionIndependentProgID msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{314111f0-a502-11d2-bbca-00c04f8ec294}\TypeLib\ = "{31411197-A502-11D2-BBCA-00C04F8EC294}" msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{31411228-a502-11d2-bbca-00c04f8ec294}\ = "HxRegisterProtocol Class" msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{314111c7-a502-11d2-bbca-00c04f8ec294}\TypeLib\ = "{31411197-a502-11d2-bbca-00c04f8ec294}" msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{31411198-a502-11d2-bbca-00c04f8ec294}\VersionIndependentProgID msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{31411198-a502-11d2-bbca-00c04f8ec294}\VersionIndependentProgID msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{C04E4E5E-89E6-43C0-92BD-D3F2C7FBA5C4}\1.0 msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111e2-a502-11d2-bbca-00c04f8ec294}\ProgID\ = "HxDs.HxFilters.1" msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111bd-a502-11d2-bbca-00c04f8ec294}\Programmable msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111e2-a502-11d2-bbca-00c04f8ec294}\TypeLib msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{31411219-a502-11d2-bbca-00c04f8ec294}\ProgID msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{31411228-a502-11d2-bbca-00c04f8ec294}\TypeLib msiexec.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111e2-a502-11d2-bbca-00c04f8ec294}\VersionIndependentProgID msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111bd-a502-11d2-bbca-00c04f8ec294}\VersionIndependentProgID msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{314111f0-a502-11d2-bbca-00c04f8ec294}\Programmable msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{31411219-a502-11d2-bbca-00c04f8ec294}\Programmable\ msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{31411198-a502-11d2-bbca-00c04f8ec294}\Programmable msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{314111c7-a502-11d2-bbca-00c04f8ec294}\Implemented Categories msiexec.exe Set value (data) \REGISTRY\USER\S-1-5-21-910373003-3952921535-3480519689-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = ffffffff explorer.exe Key created \REGISTRY\USER\S-1-5-21-910373003-3952921535-3480519689-1000_Classes\Local Settings explorer.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{31411228-a502-11d2-bbca-00c04f8ec294}\VersionIndependentProgID msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{314111f0-a502-11d2-bbca-00c04f8ec294}\ = "HxRegistryWalker Class" msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{31411219-a502-11d2-bbca-00c04f8ec294}\TypeLib\ = "{31411197-A502-11D2-BBCA-00C04F8EC294}" msiexec.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\xmlfile\ShellEx\IconHandler msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\xmlfile\ShellEx\IconHandler\ = "{AB968F1E-E20B-403A-9EB8-72EB0EB6797E}" msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111e2-a502-11d2-bbca-00c04f8ec294}\VersionIndependentProgID\ = "HxDs.HxFilters" msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111db-a502-11d2-bbca-00c04f8ec294}\VersionIndependentProgID\ = "Hxds.HxPlugIn" msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111db-a502-11d2-bbca-00c04f8ec294}\InprocServer32\ThreadingModel = "Apartment" msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{31411228-a502-11d2-bbca-00c04f8ec294} msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111bd-a502-11d2-bbca-00c04f8ec294}\VersionIndependentProgID\ = "HxDs.HxRegister" msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111e2-a502-11d2-bbca-00c04f8ec294} msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{314111c7-a502-11d2-bbca-00c04f8ec294}\Programmable msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{314111f0-a502-11d2-bbca-00c04f8ec294} msiexec.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111e2-a502-11d2-bbca-00c04f8ec294}\InprocServer32 msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{31411198-a502-11d2-bbca-00c04f8ec294}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4} msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111db-a502-11d2-bbca-00c04f8ec294} msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{C04E4E5E-89E6-43C0-92BD-D3F2C7FBA5C4}\1.0\FLAGS\ = "0" msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{314111f7-a502-11d2-bbca-00c04f8ec294}\ = "HxParseDisplayName Class" msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111db-a502-11d2-bbca-00c04f8ec294}\ProgID\ = "Hxds.HxPlugIn.1" msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111db-a502-11d2-bbca-00c04f8ec294}\ProgID msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{31411228-a502-11d2-bbca-00c04f8ec294}\VersionIndependentProgID\ = "HxDS.HxRegisterProtocol" msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111bd-a502-11d2-bbca-00c04f8ec294}\ = "HxRegister Class" msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111bd-a502-11d2-bbca-00c04f8ec294}\TypeLib msiexec.exe Set value (data) \REGISTRY\USER\S-1-5-21-910373003-3952921535-3480519689-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = ffffffff explorer.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111db-a502-11d2-bbca-00c04f8ec294}\Implemented Categories msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{31411228-a502-11d2-bbca-00c04f8ec294}\Programmable msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{314111f0-a502-11d2-bbca-00c04f8ec294}\TypeLib msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\xmlfile\ShellEx msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{31411228-a502-11d2-bbca-00c04f8ec294}\ProgID msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111db-a502-11d2-bbca-00c04f8ec294}\TypeLib\ = "{314111d9-a502-11d2-bbca-00c04f8ec294}" msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111bd-a502-11d2-bbca-00c04f8ec294}\TypeLib msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111e2-a502-11d2-bbca-00c04f8ec294}\ProgID msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111bd-a502-11d2-bbca-00c04f8ec294}\Programmable\ msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{31411198-a502-11d2-bbca-00c04f8ec294}\Implemented Categories\{7DD95802-9882-11CF-9FA9-00AA006C42C4} msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111db-a502-11d2-bbca-00c04f8ec294} msiexec.exe Set value (data) \REGISTRY\USER\S-1-5-21-910373003-3952921535-3480519689-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots explorer.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{314111f0-a502-11d2-bbca-00c04f8ec294}\VersionIndependentProgID msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111db-a502-11d2-bbca-00c04f8ec294}\TypeLib msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111db-a502-11d2-bbca-00c04f8ec294}\ = "HxPlugIn Class" msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{31411198-a502-11d2-bbca-00c04f8ec294}\ = "HxSession Class" msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{314111f7-a502-11d2-bbca-00c04f8ec294} msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{314111f7-a502-11d2-bbca-00c04f8ec294} msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{314111f7-a502-11d2-bbca-00c04f8ec294}\TypeLib msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\TypeLib\{C04E4E5E-89E6-43C0-92BD-D3F2C7FBA5C4}\1.0\0 msiexec.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111e2-a502-11d2-bbca-00c04f8ec294} msiexec.exe Key created \REGISTRY\USER\S-1-5-21-910373003-3952921535-3480519689-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU explorer.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111e2-a502-11d2-bbca-00c04f8ec294}\VersionIndependentProgID msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{31411219-a502-11d2-bbca-00c04f8ec294}\Programmable msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111e2-a502-11d2-bbca-00c04f8ec294}\ = "HxFilters Class" msiexec.exe Key created \REGISTRY\USER\S-1-5-21-910373003-3952921535-3480519689-1000_Classes\Local Settings explorer.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\xmlfile\DefaultIcon\ = "\"%1\"" msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111bd-a502-11d2-bbca-00c04f8ec294}\TypeLib\ = "{31411199-a502-11d2-bbca-00c04f8ec294}" msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\PROTOCOLS\Handler\ms-help msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{31411198-a502-11d2-bbca-00c04f8ec294}\Implemented Categories\{7DD95802-9882-11CF-9FA9-00AA006C42C4} msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\CLSID = "{314111c7-a502-11d2-bbca-00c04f8ec294}" msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{314111c7-a502-11d2-bbca-00c04f8ec294} msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{314111c7-a502-11d2-bbca-00c04f8ec294} msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{314111f7-a502-11d2-bbca-00c04f8ec294}\TypeLib msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\Interface\{000C0601-0000-0000-C000-000000000046}\ProxyStubClsid32 msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111e2-a502-11d2-bbca-00c04f8ec294}\TypeLib msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111bd-a502-11d2-bbca-00c04f8ec294}\InprocServer32\ = "C:\\Program Files\\Common Files\\Microsoft Shared\\Help\\hxds.dll" msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{31411198-a502-11d2-bbca-00c04f8ec294}\Programmable\ msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{31411198-a502-11d2-bbca-00c04f8ec294}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}\ msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{31411198-a502-11d2-bbca-00c04f8ec294}\Programmable msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\Interface\{000C0601-0000-0000-C000-000000000046} msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{314111f0-a502-11d2-bbca-00c04f8ec294}\Programmable msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{314111f7-a502-11d2-bbca-00c04f8ec294}\Implemented Categories msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{31411219-a502-11d2-bbca-00c04f8ec294}\VersionIndependentProgID\ = "HxDS.HxRegisterSession" msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111e2-a502-11d2-bbca-00c04f8ec294}\Programmable\ msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{000C0601-0000-0000-C000-000000000046}\ProxyStubClsid\ = "{00020424-0000-0000-C000-000000000046}" msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111bd-a502-11d2-bbca-00c04f8ec294}\ProgID msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{31411198-a502-11d2-bbca-00c04f8ec294}\Implemented Categories msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111bd-a502-11d2-bbca-00c04f8ec294}\Programmable msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\xmlfile\shell\edit\command\ = "\"C:\\Program Files\\Common Files\\Microsoft Shared\\OFFICE14\\MSOXMLED.EXE\" /verb edit \"%1\"" msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{31411219-a502-11d2-bbca-00c04f8ec294}\VersionIndependentProgID msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{314111f0-a502-11d2-bbca-00c04f8ec294} msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\xmlfile\DefaultIcon msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\xmlfile\shell\open\command msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\xmlfile\shell\open\command msiexec.exe Set value (data) \REGISTRY\USER\S-1-5-21-910373003-3952921535-3480519689-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots explorer.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{31411228-a502-11d2-bbca-00c04f8ec294}\Implemented Categories msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{C04E4E5E-89E6-43C0-92BD-D3F2C7FBA5C4}\1.0\0\win64 msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\TypeLib\{C04E4E5E-89E6-43C0-92BD-D3F2C7FBA5C4}\1.0\FLAGS msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{31411219-a502-11d2-bbca-00c04f8ec294}\ = "HxRegisterSession Class" msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{314111c7-a502-11d2-bbca-00c04f8ec294}\ = "HxProtocol Class" msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{314111c7-a502-11d2-bbca-00c04f8ec294}\Implemented Categories\ msiexec.exe Key created \REGISTRY\USER\S-1-5-21-910373003-3952921535-3480519689-1000_Classes\Local Settings explorer.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{314111c7-a502-11d2-bbca-00c04f8ec294}\Implemented Categories msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111bd-a502-11d2-bbca-00c04f8ec294} msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{31411228-a502-11d2-bbca-00c04f8ec294}\VersionIndependentProgID msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111db-a502-11d2-bbca-00c04f8ec294}\Programmable\ msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\xmlfile\shell\open msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{31411219-a502-11d2-bbca-00c04f8ec294}\ProgID\ = "HxDS.HxRegisterSession.1" msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{31411198-a502-11d2-bbca-00c04f8ec294} msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{31411198-a502-11d2-bbca-00c04f8ec294}\Implemented Categories\{7DD95802-9882-11CF-9FA9-00AA006C42C4}\ msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{31411198-a502-11d2-bbca-00c04f8ec294}\ProgID msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{31411198-a502-11d2-bbca-00c04f8ec294} msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\Interface\{000C0601-0000-0000-C000-000000000046}\ProxyStubClsid msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{314111f0-a502-11d2-bbca-00c04f8ec294}\TypeLib msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111e2-a502-11d2-bbca-00c04f8ec294}\Implemented Categories msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{C04E4E5E-89E6-43C0-92BD-D3F2C7FBA5C4}\1.0\FLAGS msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{314111f0-a502-11d2-bbca-00c04f8ec294}\VersionIndependentProgID msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{31411219-a502-11d2-bbca-00c04f8ec294}\VersionIndependentProgID msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111db-a502-11d2-bbca-00c04f8ec294}\Implemented Categories msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{314111c7-a502-11d2-bbca-00c04f8ec294}\TypeLib msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{314111f7-a502-11d2-bbca-00c04f8ec294}\Implemented Categories\ msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111e2-a502-11d2-bbca-00c04f8ec294}\InprocServer32\ThreadingModel = "Apartment" msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111db-a502-11d2-bbca-00c04f8ec294}\ProgID msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{31411198-a502-11d2-bbca-00c04f8ec294}\VersionIndependentProgID\ = "HxDS.HxSession" msiexec.exe Key created \REGISTRY\USER\S-1-5-21-910373003-3952921535-3480519689-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell explorer.exe Key created \REGISTRY\USER\S-1-5-21-910373003-3952921535-3480519689-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell explorer.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\xmlfile\ShellEx\IconHandler msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111bd-a502-11d2-bbca-00c04f8ec294}\InprocServer32 msiexec.exe Set value (data) \REGISTRY\USER\S-1-5-21-910373003-3952921535-3480519689-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = ffffffff explorer.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{C04E4E5E-89E6-43C0-92BD-D3F2C7FBA5C4} msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{314111f7-a502-11d2-bbca-00c04f8ec294}\TypeLib\ = "{31411197-a502-11d2-bbca-00c04f8ec294}" msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{31411219-a502-11d2-bbca-00c04f8ec294}\TypeLib msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{31411198-a502-11d2-bbca-00c04f8ec294}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4} msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{31411198-a502-11d2-bbca-00c04f8ec294}\ProgID msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{31411198-a502-11d2-bbca-00c04f8ec294}\TypeLib msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{314111c7-a502-11d2-bbca-00c04f8ec294}\TypeLib msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{000C0601-0000-0000-C000-000000000046}\ProxyStubClsid32 msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\TypeLib\{C04E4E5E-89E6-43C0-92BD-D3F2C7FBA5C4}\1.0\0\win64 msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{31411228-a502-11d2-bbca-00c04f8ec294}\Implemented Categories\ msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{31411219-a502-11d2-bbca-00c04f8ec294}\ProgID msiexec.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111e2-a502-11d2-bbca-00c04f8ec294}\Programmable msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{31411228-a502-11d2-bbca-00c04f8ec294}\ProgID msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{31411198-a502-11d2-bbca-00c04f8ec294}\Implemented Categories\ msiexec.exe Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111db-a502-11d2-bbca-00c04f8ec294}\TypeLib msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\Interface\{000C0601-0000-0000-C000-000000000046}\TypeLib msiexec.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\HTMLHelp\2.0\LocalReg\CLSID\{314111db-a502-11d2-bbca-00c04f8ec294}\InprocServer32\ = "C:\\Program Files\\Common Files\\Microsoft Shared\\Help\\hxds.dll" msiexec.exe Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{314111c7-a502-11d2-bbca-00c04f8ec294}\Programmable msiexec.exe -
Drops file in Program Files directory 12075 IoCs
description ioc Process File opened for modification C:\Program Files\Mozilla Firefox\xul.dll 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\sv\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\Media Renderer\RenderingControl.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\play_hov.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\ECHO\PREVIEW.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152882.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0297749.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\POWERPNT.EXE 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Speech.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\4.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Application Installer.swf 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Media Player\wmprph.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\msadc\en-US\msadcer.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\PST8PDT 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\feature.properties 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Verve.eftx 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_right_rest.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\trad_dot.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\css\picturePuzzle.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\pt-BR\tipresx.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Management.Instrumentation.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\css\slideShow.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_gray_hail.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00289_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD21527_.GIF 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\uz\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\PreviousMenuButtonIcon.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsMainBackground_PAL.wmv 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-execution_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-execution.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\trad_settings.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\BIBUtils.dll 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Microsoft Visual Studio 8\VSTA\Bin\1033\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\desktop.ini 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Indian\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\org-netbeans-modules-favorites.xml_hidden 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\fxplugins.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\bg_Country.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\InformationIcon.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\BrightOrange.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_id.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-autoupdate-services.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\java.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00265_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Foundry.xml 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Media Player\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_divider_left.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\NavigationRight_ButtonGraphic.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.metadata_2.2.0.v20131211-1531.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\nbexec64.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HM00005_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\RSSFeeds.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN01545_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0297551.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\ExecutiveNewsletter.dotx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\button_MCELogo_mouseout.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\WWLIB.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\base-docked.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AMT\AUMProduct.cer 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPWMI.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\about.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\jfr.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\NUMERIC.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0216588.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR6F.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\SpringGreen\TAB_ON.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\msadc\msdaremr.dll 700a1s0ssssd7da.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\btn-next-static.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH00623_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Smart Tag\LISTS\1033\DATES.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0103812.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\chrome_200_percent.pak 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\1.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00806_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18211_.WMF 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\plugins\logger\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\rssLogo.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Hardcover.eftx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0301076.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\OMSINTL.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\review_shared.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\distribute_form.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\INDUST\PREVIEW.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\POWERPNT_COL.HXT 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR2B.GIF 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\BrightOrange\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\POWERPNT_COL.HXC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\VeriSignLogo.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsHomePage.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Americana.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\hy.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\CASCADE\CASCADE.ELM 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0171847.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Paper.thmx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\GREET11.POC 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\WindowsFormsIntegration.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libsftp_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SceneButtonSubpicture.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-options-keymap.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\RSSITEM.CFG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormToolImages.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\STUBBY1.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\requests\vlm.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libts_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_right_disabled.png 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\es-ES\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\AFTRNOON\PREVIEW.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\OmdBase.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT+9 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\System\en-US\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\oledbjvs.inc 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\fonts\TwemojiMozilla.ttf 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libavi_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\32.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\msdaprsr.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\LICENSE 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.bindings_0.10.200.v20140424-2042.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\deploy\messages_es.properties 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BS01635_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Argentina\Tucuman 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Adobe.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\LTHD98SP.POC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\precomplete 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\MS.CGM 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\micaut.dll 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_few-showers.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT-8 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Fiji 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0390072.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libdemux_chromecast_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD21390_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\BORDERS\MSART1.BDR 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolIcons\TOOLICON.ICO 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\play_down.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\THIRDPARTYLICENSEREADME-JAVAFX.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HM00116_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PSRETRO.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SL01040_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\combo-hover-right.png 700a1s0ssssd7da.exe File created C:\Program Files\Java\jre7\lib\deploy\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\10.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_blue_sun.png 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\RedistList\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\classlist 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\InfoPathOM\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\PFM\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_hail.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Port_of_Spain 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT+10 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-jmx.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Beirut 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\EQUATION\EQNEDT32.HLP 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\ado\adovbs.inc 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\1047x576black.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\North_Dakota\Center 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\ko\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\fy\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libcolorthres_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\skchobj.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107494.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PARNT_04.MID 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PRRTINST.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO01568_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ONLNTCOMLIB.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\MSBuild\Microsoft\Windows Workflow Foundation\v3.0\Workflow.VisualBasic.Targets 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\NamedURLs.HxK 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Santiago 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00269_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00350_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Desert\TAB_ON.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\setEmbeddedCP 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libdshow_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MEDIA\WIND.WAV 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\ended_review_or_form.gif 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Media Player\Network Sharing\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Media Player\Visualizations\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-tools.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02464_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10253_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_search_over.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\macroprogress.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\th\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\ado\msado26.tlb 700a1s0ssssd7da.exe File opened for modification C:\Program Files\ConvertUse.DVR-MS 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\RELEASE-NOTES.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\SystemV\MST7MDT 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18205_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Aqtobe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PROOF\1036\MSGR3FR.DLL 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\AcroForm\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-sampler_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\org-netbeans-lib-profiler-common.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\orbd.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\en-US\js\settings.js 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\rss_headline_glow_floating.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0309705.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\BCSRuntimeRes.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GRLEX.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\can03.ths 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Notebook.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME04.CSS 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\TWRECC.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_box_top.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ADDINS\ColleagueImport.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\RSSITEML.ICO 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\DVA.api 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\keytool.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.rcp.product_5.5.0.165303\feature.properties 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Metlakatla 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSOUC_K_COL.HXK 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\POWERPNT.DEV_COL.HXT 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME55.CSS 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ADDINS\MSSPC.ECF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AGMGPUOptIn.ini 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Montevideo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0090149.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00734_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0088542.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\RECS.ICO 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Data.Entity.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libequalizer_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libsimple_channel_mixer_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\baseAltGr_rtl.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_ja_4.4.0.v20140623020002\eclipse_update_120.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-openide-util-enumerations.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\deploy\messages_ja.properties 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\Class.zip 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\msadc\msaddsr.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14529_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\Network Sharing\wmpnss_color48.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\History.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jetty.security_8.1.14.v20131031.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\misc\libstats_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\rtf_alignright.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBBA\MSPUB2B.BDR 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\BIZCARD.DPV 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\120DPI\(120DPI)grayStateIcon.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE03459_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PROTTPLV.XLS 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\button_left_over.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\BG_ADOBE.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Belgrade 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\fonts\LucidaTypewriterRegular.ttf 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\BabyBlue\TAB_ON.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\GKWord.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.core\cache\binary\com.oracle.jmc.executable.win32.win32.x86_64_5.5.0 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\lib\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0090779.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\Discussion.gta 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGMN058.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\XIMAGE3B.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-modules-appui.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\WET 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152558.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\J0143744.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGCOUPON.DPV 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Templates\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\icon.png 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\VSTA\AppInfoDocument\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Nassau 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AG00142_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\STS2\background.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PROOF\MSSP7FR.dub 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\ado\msado15.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_left_disabled.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0332364.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-bg_diagonals-thick_20_666666_40x40.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\msadcs.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\TN00231_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD21448_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsTemplates\Customer Support.fdt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\BabyBlue\HEADER.GIF 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\CAPSULES\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Antarctica\Troll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.historicaldata_5.5.0.165303.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH00084_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft SQL Server Compact Edition\v3.5\sqlceca35.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\win\CP1254.TXT 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\TN00255_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins3d\drvDX9.x3d 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\PrivateAssemblies\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\en-US\css\currency.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Luxembourg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0285750.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\SBCGLOBAL.NET.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\api-ms-win-core-processthreads-l1-1-1.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0187817.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0301252.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\zh-cn.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Scenes_LOOP_BG_PAL.wmv 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-attach.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Helsinki 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Desert\TAB_ON.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OneNote\SendToOneNote.ini 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGMN111.XML 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\fur\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Malta 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0281632.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0287005.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\OMSINTL.DLL.IDX_DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\square_h.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0282928.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18253_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OSPP.HTM 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\20.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_left_pressed.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\reveal_down.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACEXBE.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\bg_Premium.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\IMPMAIL.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\WMPSideShowGadget.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0187883.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Origin.thmx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.PL.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\js\main.js 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\Filters\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx.ui.ja_5.5.0.165303.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-favorites_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AG00160_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Media Player\wmpshare.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\square_m.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_yuy2_mmx_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\wsdetect.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR43F.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\STS2\header.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Microsoft.Office.BusinessApplications.RuntimeUi.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolIcons\WSS_DocLib.ico 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\pl\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\lua\liblua_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\en-US\js\currency.js 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Internet Explorer\ieproxy.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-autoupdate-services.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0295069.WMF 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\js\controllers.js 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\43.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\wsgen.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\Xlate_Complete.xsn 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsImageTemplate.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OneNote\SendToOneNote.gpd 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\button_right_mouseover.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Shades of Blue.htm 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\apt.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BS00076_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\J0115844.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\images\Back-48.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_ja_4.4.0.v20140623020002\about.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\bg_Country.gif 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_divider.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\config\Modules\org-netbeans-modules-profiler-selector-ui.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152560.WMF 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\CLIPART\Publisher\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0292152.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsMainBackground.wmv 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSTINTL.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.Extensions.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\ext\access-bridge-64.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\EST5EDT 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\SUBMIT.JS 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OUTLMIME.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\RTC.der 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\ne.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\hwrusalm.dat 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Martinique 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0198025.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\ktab.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0106222.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152708.WMF 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Desert\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Psychedelic.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Analysis Services\AS OLEDB\10\Cartridges\Sybase.xsl 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14533_.GIF 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Templates\1033\Access\DataType\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\is\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\Locales\uk.pak 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\SKY\PREVIEW.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\server\Xusage.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\org-netbeans-core-execution.xml_hidden 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD00586_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\TexturedBlue.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.COM.HK.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\EMAIL.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsMainToScenesBackground_PAL.wmv 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Antigua 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0285822.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01746_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Noronha 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01164_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsHomePageScript.js 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_box_divider_left.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD21305_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\CircleIcons.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libedummy_plugin.dll 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Internet Explorer\en-US\iexplore.exe.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ui.nl_zh_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\dragHandle.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-core.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\MARQUEE.POC 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft.NET\Primary Interop Assemblies\stdole.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Srednekolymsk 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0086426.WMF 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MSPPT.OLB 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Tegucigalpa 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH00260_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\BabyBlue\BUTTON.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\STSLISTI.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Full\NavigationRight_ButtonGraphic.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\images\cursors\win32_LinkNoDrop32x32.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jface.text_3.9.1.v20140827-1810.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\dt_socket.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGWEBPQT.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\updater.ini 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\is\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\msadc\msadco.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Santa_Isabel 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0106020.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\Shared24x24ImagesMask.bmp 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\settings.html 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Auckland 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Sync Framework\v1.0\Runtime\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\sqloledb.rll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107026.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0187861.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0235319.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ACCWIZ\ACWZDAT12.ACCDU 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\README-JDK.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\jvm.hprof.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Antarctica\Palmer 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins3d\drvDX8.x3d 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Push\NavigationLeft_ButtonGraphic.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099187.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18230_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\modern.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\drag.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\META-INF\ECLIPSE_.RSA 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME46.CSS 700a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\on_desktop\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\management-agent.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Australia\Currie 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGCHKBRD.DPV 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\co\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\ShapeCollector.exe.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\PAPYRUS\PAPYRUS.ELM 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\RIPPLE\PREVIEW.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\Ole DB\oledbjvs.inc 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libscale_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\PPKLite.api 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\CASCADE\THMBNAIL.PNG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Atlantic\Bermuda 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-masterfs.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Copenhagen 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02228_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSOUC_COL.HXC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\OneNoteSyncPCIntl.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MSPUB.EXE 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\BOLDSTRI\PREVIEW.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.text_3.5.300.v20130515-1451.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-autoupdate-services.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Thimphu 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\diner_dot.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Slipstream.thmx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\LOOKUP.DAT 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGPUNCT.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\include\win32\bridge\AccessBridgeCalls.c 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.ecore_2.10.1.v20140901-1043\META-INF\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0304371.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Pushpin.thmx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Pohnpei 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-heapdump.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\47.png 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\lt-LT\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office.en-us\PSCONFIG.CHM 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Smart Tag\METCONV.TXT 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\CAPSULES\PREVIEW.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-threaddump_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Indiana\Tell_City 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\SpringGreen.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.IO.Log.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libdeinterlace_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOLoader.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-spi-quicksearch_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-modules-startup.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00732_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\CalendarToolIconImagesMask.bmp 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libps_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\sqlite.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_am.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipssrl.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACEODEXL.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD00775_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0341561.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\EXCEL.EXE 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\vlm_export.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_corner_bottom_left.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\Locales\es.pak 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00395_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\BCSRuntime.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\NEWS11.POC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Journal\jnwmon.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Bears.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_photo_Thumbnail.bmp 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\javaw.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-api-caching.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\en-US\css\settings.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_right_rest.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\TabTip.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\wab32res.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME27.CSS 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolIcons\gfserrorfromgroove.ico 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Iqaluit 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Custom.propdesc 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\button_mid_over.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\spu\libsubsdelay_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Cave_Drawings.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\com.jrockit.mc.rjmx.service.exsd 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-lib-profiler-charts_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\images\cursors\win32_MoveDrop32x32.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\triangle.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\LICENSE 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01750_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\Sounds\People\GIGGLE.WAV 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\wa\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MSQRY32.EXE 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\Locales\el.pak 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Photo Viewer\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\PROOF\MSWDS_EN.LEX 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\orb.idl 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-swing-outline_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\DiscussionToolIconImages.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Photo Viewer\PhotoViewer.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveDocumentReview\InactiveTabImage.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\ONENOTE\14\Stationery\ACADEMIC.ONE 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\prev_down.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-last-quarter.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0400001.PNG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SY00132_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\HandPrints.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\en-US\js\cpu.js 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSACCESS.DEV_COL.HXT 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\43.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\AddInSideAdapters\Microsoft.VisualStudio.Tools.Office.Word.AddInAdapter.v9.0.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\sr-Latn-CS\tipresx.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\CANYON\CANYON.INF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\CST6CDT 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.artifact.repository.nl_ja_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0178632.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0292278.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Journal\Templates\Dotted_Line.jtp 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\images\glass.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\tr-TR\tipresx.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACEODBC.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Africa\Tunis 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01173_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\en-US\enu-dsk\M1033DSK.LTS 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\flower_s.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Adobe.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.alert.zh_CN_5.5.0.165303.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-autoupdate-services_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02794_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0157763.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MOR6INT.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\browser\features\[email protected] 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jdb.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Atlantic\Madeira 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD01660_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SL00268_.WMF 700a1s0ssssd7da.exe File created C:\Program Files\MSBuild\Microsoft\Windows Workflow Foundation\v3.5\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\system_s.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\SoftBlue\tab_on.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VBA\VBA7\1033\VBE7INTL.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\include\jawt.h 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-autoupdate-cli_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00911_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-waxing-crescent.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152568.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\template.msi 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\MSTTSEngine.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\psmachine.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\NavigationRight_ButtonGraphic.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\meta-index 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\prodbig.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-core-multiview.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\template.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\css\settings.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Nairobi 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT+6 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10301_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\FormsViewAttachmentIcons.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Minsk 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\sq\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\Network Sharing\wmpnss_color120.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\brt.hyp 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\INFOPATH_COL.HXT 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waxing-gibbous.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.commands.nl_ja_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.intro.nl_zh_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AG00135_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00170_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-sendopts_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00254_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\OriginReport.Dotx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\boot.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Antarctica\Mawson 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00523_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\AlertImage_Auto.jpg 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Indiana\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Dushanbe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Ust-Nera 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\com.jrockit.mc.console.ui.notification_contexts.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MEDIA\CLICK.WAV 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.COM.CN.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\uninstall.exe 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\an\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\lua\http\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\graph_over.png 700a1s0ssssd7da.exe File created C:\Program Files\Windows Media Player\Visualizations\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\ENU\Vdk10.lng 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\security\local_policy.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Menominee 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE03236_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\GrayCheck\TAB_ON.GIF 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Triedit\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\HLS.api 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Mail\oeimport.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.publisher.nl_zh_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD00405_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FORM.JS 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\bg_OliveGreen.gif 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Icons\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\rssBackBlue_Undocked.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT-4 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\TN00211_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\BrightYellow\HEADER.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\UIAutomationClient.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\PublicFunctions.js 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\pa\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\item_hover_docked.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSACCESS_K_COL.HXK 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL095.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Onix32.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\ROMAN.TXT 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VBA\VBA7\1033\VBOB6.CHM 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\ado\msadrh15.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-masterfs-nio2.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\North_Dakota\New_Salem 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipsnld.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT+7 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\bg_OliveGreen.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\api-ms-win-core-localization-l1-2-0.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libprefetch_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\add_down.png 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH00685_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR12F.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\FEZIP.POC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.simpleconfigurator.manipulator.nl_ja_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0090390.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\mset7ge.kic 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\WindowsBase.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\MS.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\ARFR\MSB1ARFR.ITS 700a1s0ssssd7da.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Push\1047x576black.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libaribcam_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\1033\MSOINTL.DLL.IDX_DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\3.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\msolap100.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HM00426_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBBA\MSPUB6.BDR 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_output\libwgl_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_right_rest.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Media Player\en-US\wmplayer.exe.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\ARCTIC\ARCTIC.ELM 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Riyadh89 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\currency.data 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\management\jmxremote.password.template 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Sts.css 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Adobe\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\Locales\ca.pak 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_close_down.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\deploy\messages_fr.properties 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Midway 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105380.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0199429.WMF 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\COMPASS\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\rtf_italic.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR29B.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR3B.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\EN00902_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105332.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0183198.WMF 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\GrayCheck\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\io.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Internet Explorer\jsdbgui.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-6 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\jp2ssv.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\fr\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_yuy2_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_pt-PT.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Baku 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Bahia 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH03143I.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD21413_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGMN108.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libpostproc_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waning-crescent.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\epl-v10.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\IN00343_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0400002.PNG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\AlertImage_MediumMAsk.bmp 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\en-US\css\cpu.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\39.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Photo Viewer\en-US\ImagingDevices.exe.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\lib\imap.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AG00057_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0187893.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ContactPicker.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\VSTOInstaller.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\xmlrwbin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\reflect.png 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.director.nl_ja_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.touchpoint.eclipse.nl_ja_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\Explorer.zip 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\handler.reg 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows NT\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\content-types.properties 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Sync Framework\v1.0\Runtime\x64\resources\1033\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\Microsoft.Build.Engine.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_blue_partly-cloudy.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CONVERT\1033\DELIMR.FAE 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\AccessibleHandler.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\NavigationUp_SelectionSubpicture.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Norfolk 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\content-types.properties 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0309920.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\EN00202_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE02369_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\rtf_choosecolor.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1033\ADO210.CHM 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\InfoPath.en-us\InfoPathMUI.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.swt.nl_zh_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Brunei 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\novelty_h.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_widescreen_Thumbnail.bmp 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4-dark.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CNFNOT32.EXE 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\STORYBB.DPV 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.console_1.0.300.v20131113-1212.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Araguaina 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OFFOWC.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGBARBLL.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Cartridges\sql2000.xsl 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Media Player\en-US\WMPDMCCore.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\lv-LV\tipresx.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN04267_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\SUBMIT.JS 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\AWARDHM.POC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\pl-PL\tipresx.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Swirl\background.gif 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\wa\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\eBook.api 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\lua\sd\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\8.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\INDUST\THMBNAIL.PNG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Marquesas 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\TEXTAREA.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\FAX\OriginFax.Dotx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\SpringGreen\BUTTON.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_box_bottom.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Merida 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AG00169_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14532_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Lime.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-new.png 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.rcp.ja_5.5.0.165303\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Berlin 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\YST9 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD00256_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR46B.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\as_IN\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\NavigationLeft_ButtonGraphic.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\ModuleAutoDeps\org-openide-text.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02424_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME21.CSS 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\wmpenc.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\flyout.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\navBack.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Zaporozhye 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_ja_4.4.0.v20140623020002\epl-v10.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0309902.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGMN048.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18235_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\item_hover_docked.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\ENFR\MSB1ENFR.ITS 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Title_Page_Ref.wmv 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Tallinn 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-applemenu_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\PicturesToolIconImages.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\POSTCD11.POC 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\ICU\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\NavigationUp_ButtonGraphic.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\btn-previous-static.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21304_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSPUB_COL.HXT 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Thule 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Jayapura 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\VideoLAN Website.url 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VBA\VBA6\VBE6EXT.OLB 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ENVELOPE.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Americana\TAB_OFF.GIF 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\vi\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\EQUATION\1033\EEINTL.DLL 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\AFTRNOON\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105506.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Module.thmx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\GIFIMP32.FLT 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Garden.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\AddToViewArrowMask.bmp 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\PROOF\1033\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0234131.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\J0115842.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\ado\msado25.tlb 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_fi.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-sendopts.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\org-netbeans-modules-spi-actions.xml_hidden 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BS00092_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01701_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_right_hover.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\sports_disc_mask.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\css\settings.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\ado\msader15.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107712.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_hr.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\lt.txt 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\System\Ole DB\en-US\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\NavigationUp_ButtonGraphic.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Perf_Scenes_Mask1.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libparam_eq_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\41.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derby.war 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Los_Angeles 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Australia\Darwin 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01866_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-new_partly-cloudy.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleUpdateOnDemand.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\5.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Niue 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Bibliography\Author2String.XSL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\VPREVIEW.EXE 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\AdjacencyMergeLetter.dotx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\en_GB\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libsubstx3g_plugin.dll 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\msdfmap.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.alert.ja_5.5.0.165303.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0341551.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00257_.WMF 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\Installer\chrome.7z 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL087.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\Installer\chrmstp.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\shadowonlyframe_selectionsubpicture.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0241041.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01149_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR47F.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Microsoft.SharePoint.BusinessData.Administration.Client.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-icons_ffffff_256x240.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_mpeg4audio_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\brt55.ths 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.batik.util.gui_1.7.0.v200903091627.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01152_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0187895.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Slate\TAB_OFF.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\DAO\dao360.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.DynamicData.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\forms_received.gif 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Microsoft.NET\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\icon.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\NavigationUp_ButtonGraphic.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\TN00411_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0291984.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\rtf_underline.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18212_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveDocumentReview\InactiveTabImageMask.bmp 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Argentina\Jujuy 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18210_.WMF 700a1s0ssssd7da.exe File created C:\Program Files\Java\jre7\bin\server\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Analysis Services\AS OLEDB\10\Cartridges\sql70.xsl 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\IN00046_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01253_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Internet Explorer\MemoryAnalyzer.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Novosibirsk 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\META-INF\ECLIPSE_.SF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-settings.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\BORDERS\MSART13.BDR 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\27.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\Locales\th.pak 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.AddIn.Contract.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\fa.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105912.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Civic.eftx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Journal\en-US\jnwmon.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\images\cursors\win32_MoveNoDrop32x32.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD00077_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0200611.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02470U.BMP 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\auxpad\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\ado\msadox28.tlb 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Dublin 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\ModuleAutoDeps\org-openide-nodes.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\flower_m.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_box_bottom.png 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\lib\deployed\jdk15\windows-amd64\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Cambridge_Bay 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0106124.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_et.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01751_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-new.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Mozilla Maintenance Service\updater.ini 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.Entity.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-favorites.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD00121_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02028K.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02752G.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\rtf_choosefont.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\psmachine_64.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-keyring-impl_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Antarctica\Casey 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Couture.eftx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\ADD.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SL01565_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Stationery\1033\NOTEBOOK.HTM 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ia\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\dialogs\create_stream.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\SpeechEngines\Microsoft\TTS20\en-US\MSTTSLoc.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Santarem 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0296279.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SL00256_.WMF 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\plugins\video_filter\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\WidevineCdm\_platform_specific\win_x64\widevinecdm.dll.sig 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Internet Explorer\ie9props.propdesc 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\Microsoft.Build.Framework.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\4to3Squareframe_VideoInset.png 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\jfr\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\spacebackupicons.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Defender\MpEvMsg.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\system_m.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Antarctica\Rothera 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\META-INF\eclipse.inf 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-settings_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00333_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\EN00242_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105338.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0384888.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH01046J.JPG 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\Smart Tag\LISTS\1033\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Desktop.ini 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\en-US\OmdProject.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\jfr\profile.jfc 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\PROOF\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\IDTemplates\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\MSTTSLoc.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21310_.GIF 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\Sounds\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\40.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Port-au-Prince 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Dubai 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00252_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BS01636_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\SaslPrep\SaslPrepProfile_norm_bidi.spp 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Dawson_Creek 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT+4 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\OUTLLIBR.DLL.IDX_DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\UnpublishRename.xlsb 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Horizon.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14756_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\en-US\sqlxmlx.rll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.touchpoint.eclipse_2.1.200.v20140512-1650.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\CT_ROOTS.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\TN00218_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4_default_winxp_blu.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-oql_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\images\cursors\invalid32x32.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00648_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00367_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\GRAPH.EXE 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\si\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\Locales\en-GB.pak 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\CONCRETE\PREVIEW.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-awt_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AG00158_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107512.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-waxing-crescent.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Godthab 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Damascus 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-application.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\bg_FormsHomePageSlice.gif 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolIcons\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\SpringGreen\TAB_ON.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-dialogs.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Taipei 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Australia\Lord_Howe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0196374.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0157831.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\ELPHRG01.WAV 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21398_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\plugin-container.exe.sig 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Groove.en-us\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Metlakatla 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Pitcairn 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-autoupdate-ui.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGMN089.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\SIDBAR98.POC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\AdjacencyReport.dotx 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\logo.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\huemainsubpicture2.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\NavigationLeft_SelectionSubpicture.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-7 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH00236_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGMN001.XML 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Google\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\Web Folders\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\SONORA\SONORA.ELM 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Novokuznetsk 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18249_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft SQL Server Compact Edition\v3.5\sqlcese35.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\SaveAsRTF.api 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0251007.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\OutlineToolIconImages.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL110.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\Part\Comments.accdt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Sofia 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\css\settings.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins3d\drvSOFT.x3d 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\com.jrockit.mc.rjmx.metadataprovider.exsd 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Metro.thmx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libmp4_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18229_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_dts_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VBA\VBA7\1033\VBHW6.CHM 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\lib\dsn.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01178_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD01191_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\Mendoza 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\TOC98.POC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\rings-dock.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\ResourceInternal.zip 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\QuickStyles\Traditional.dotx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MEDIA\DRUMROLL.WAV 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Groove.en-us\SETUP.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0293832.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21421_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSPUB_F_COL.HXK 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows NT\Accessories\wordpad.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\eu.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4_default_winxp_olv.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE00555_.WMF 700a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\images\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Adobe\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Bears.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\CASCADE\PREVIEW.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSACCESS.DEV_COL.HXC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Stationery\1033\JUDGESCH.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libstereo_widen_plugin.dll 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\1033\Bibliography\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\Certificates\Verisign\Components\VeriSign_Class_3_Public_Primary_CA.cer 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\19.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\FlickLearningWizard.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Samarkand 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\in_sidebar\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\flower_m.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\sidebar.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_te.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Push\1047_576black.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\InfoPathOM\Microsoft.Office.InfoPath.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\en-US\js\service.js 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BS00078_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00736_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\main_background.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.en_US.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Internet Explorer\JSProfilerCore.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\prodicon.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105530.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\SMSL.ICO 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libnuv_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\Settings.zip 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-core-multitabs.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0202045.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0234376.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\GREEK.TXT 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\va.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-multitabs_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Desert\TAB_OFF.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ENGDIC.DAT 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\PIXEL\PREVIEW.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Library\SOLVER\SOLVER32.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\dcpr.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Seoul 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Opulent.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0216516.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\base_altgr.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.net_1.2.200.v20120807-0927.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-openide-compat.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-modules-appui.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\1.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\Sounds\People\THROAT.WAV 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\IPDESIGN.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PPSLAX.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleUpdate.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Cancun 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-14 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\jp2launcher.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH02166_.WMF 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\lv\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libh26x_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\Tulip.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\OSetupPS.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Prague 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0199473.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\OrielMergeFax.Dotx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02227_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\msadc\en-US\msadcor.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\OmdProject.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\CONTACTS.ICO 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\WebToolIconImagesMask.bmp 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.common_2.10.1.v20140901-1043\META-INF\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-spi-actions_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00194_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolIcons\OnLineIdle.ico 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\gadget.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\BIB.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\en-US\msadcor.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\buttonDown_Off.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\feature.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0382968.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\Sounds\Places\LASER.WAV 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\add_over.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\QuizShow.potx 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\1033\MSOINTL.REST.IDX_DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\TextConv\WksConv\Wkconv.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Antigua 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT-11 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105282.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR51B.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waning-gibbous_partly-cloudy.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\en-US\js\clock.js 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\La_Paz 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\LETTHEAD.DPV 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\requests\playlist_jstree.xml 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\gtkHandle.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Web Server Extensions\14\BIN\FPWEC.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\SONORA\PREVIEW.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-profiling.xml 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Biscay\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolIcons\OutSyncPC.ico 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Tongatapu 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\OUTLOOK.DEV_COL.HXT 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\STS2\TAB_ON.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libcroppadd_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099178.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\keypad\kor-kor.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\EXP_PDF.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\Ole DB\oledb32r.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.simpleconfigurator.manipulator_2.0.0.v20131217-1203.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\VelvetRose.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\default_apps\drive.crx 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\images\glass.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\cmm\LINEAR_RGB.pf 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01472_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE02267_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\QuestionIcon.jpg 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\VBA\VBA7\1033\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\UCT 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\hi\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Swirl\header.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MSOHEV.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\MSInfo\msinfo32.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0341448.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00018_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\Issue Tracking.gta 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-application-views_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN01173_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\subscription.xsd 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\46.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\EXCEL.DEV_F_COL.HXK 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR35F.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\SoftBlue\TAB_OFF.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OLKIRM.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\SpecialNavigationLeft_ButtonGraphic.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-swing-outline.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-oql_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0315612.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libcanvas_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows NT\TableTextService\TableTextServiceSimplifiedZhengMa.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.http.registry_1.1.300.v20130402-1529.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH00524_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00942_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\SIGN.CFG 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\etc\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Grid.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libmpg123_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\9.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\EntityDataHandler.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\hint_up.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\bl.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\Locales\fi.pak 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Eurosti.TTF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\locale\org-openide-util_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-api-visual_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\AccessWeb\RPT2HTM4.XSL 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\VC\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH00527_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\LTHD98.POC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libdxva2_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0149887.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\bg_OliveGreen.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\Part\1 Top.accdt 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\ko\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\EDGE\EDGE.ELM 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Atlantic\Bermuda 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH00601_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CONVERT\OLAPPT.FAE 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\CommsIncomingImageMaskSmall.bmp 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\notes-static.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\epl-v10.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.services.nl_zh_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4-dark_win.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Zurich 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-heapdump_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Sts2.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\jquery-ui-1.8.13.custom.css 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\symbols\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1033\ACEINTL.DLL 700a1s0ssssd7da.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\plugin2\msvcr100.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Data.Linq.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\row_over.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\winXPBluHandle.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CONVERT\PAB.SAM 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\DocumentShare\WSSFilesToolHomePageBackground.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsHomePageScript.js 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\logo.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Midway 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\html\cpyr.htm 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02749U.BMP 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\spu\libremoteosd_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_search_up_BIDI.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\NETWORK\NETWORK.ELM 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\San_Luis 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\validation.js 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows NT\Accessories\WordpadFilter.dll 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\pt_BR\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_duplicate_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\modern_m.png 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Blanc-Sablon 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-options-keymap.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Port_Moresby 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\macroprogress.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\icon.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipssrb.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VSTO\vstoee100.tlb 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Verve.thmx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0299587.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\QUERIES\MSN MoneyCentral Investor Stock Quotes.iqy 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\STSLIST.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\FiveRules.potx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\an\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\msadc\en-US\msdaremr.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\NavigationUp_SelectionSubpicture.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0182946.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0205466.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\css\main.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR12F.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\POSTITS.ICO 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\circle_glass_Thumbnail.bmp 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Gaza 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BS01603_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Trek.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Media Player\Media Renderer\DMR_48.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_left_pressed.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\oskpred.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\EVRGREEN\EVRGREEN.ELM 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Yerevan 700a1s0ssssd7da.exe File created C:\Program Files\Java\jre7\lib\zi\America\Kentucky\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\icon.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\trash.gif 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\PROPLUS\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipsplk.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\deploy.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\extensions\VLSub.luac 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-snaptracer_zh_CN.jar 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\BabyBlue\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\PULQOT98.POC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.Entity.Design.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Smart Tag\LISTS\1033\STOCKS.DAT 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Push\NavigationUp_ButtonGraphic.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR15F.GIF 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Annotations\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\audiodepthconverter.ax 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Chatham 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\rtf_pressed.gif 700a1s0ssssd7da.exe File created C:\Program Files\Windows Journal\en-US\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\WATERMAR\THMBNAIL.PNG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\SystemV\AST4ADT 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\BORDERS\MSART14.BDR 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libnfs_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Internet Explorer\en-US\networkinspection.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_gray_snow.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\nl-NL\tipresx.dll.mui 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\VSTO\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-autoupdate-cli.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BS00186_.WMF 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\amd64\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Grid.thmx 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\cronometer_s.png 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\ka\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\WMPNSSUI.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Slate\TAB_OFF.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18194_.WMF 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Sync Framework\v1.0\Documentation\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\kaa.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\PROPLUS\ProPlusWW.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.swt.win32.win32.x86_64_3.103.1.v20140903-1947.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01356_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\mscss7cm_en.dub 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MSOSTYLE.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.nl_ja_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18209_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\MessageHistoryIconImagesMask.bmp 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Swirl\TAB_OFF.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\PICCAP98.POC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\Issues.accdt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\spacer_highlights.png 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.lucene.analysis_3.5.0.v20120725-1805.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0239063.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21306_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.w3c.dom.smil_1.0.0.v200806040011.jar 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\hrtfs\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACEEXCL.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office32.en-us\Office32MUI.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-3 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.jsp.jasper.registry_1.0.300.v20130327-1442.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\Northwind.accdt 700a1s0ssssd7da.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_plain_Thumbnail.bmp 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\license.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSQRY32.CHM 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\81.0.4044.129.manifest 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\28.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_few-showers.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Kamchatka 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD21328_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\TASKACC.CFG 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\{AC76BA86-7AD7-1033-7B44-A90000000001}\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_box_left.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Circle_SelectionSubpictureB.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0195772.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18257_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\WinFXList.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\Locales\id.pak 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\ModuleAutoDeps\org-openide-explorer.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BS00438_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\ONENOTE_K_COL.HXK 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR5F.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0136865.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\Sounds\Places\BUZZ.WAV 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OIS.EXE 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\Media Renderer\DMR_48.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\EXPEDITN\PREVIEW.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\klist.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Monrovia 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.workbench_3.106.1.v20140827-1737.jar 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Web Server Extensions\14\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\EXITEMS.ICO 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Defender\en-US\MpAsDesc.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\PowerPoint.en-us\PowerPointMUI.XML 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02264_.WMF 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libhttps_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\css\RSSFeeds.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00423_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\BORDERS\MSART4.BDR 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\EXITEM.CFG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\RedistList\FrameworkList.xml 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\core\locale\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00783_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\msmdlocal.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\5.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\COPYRIGHT 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\stopNetworkServer 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.core.di_1.4.0.v20140414-1837.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ecf.provider.filetransfer.httpclient4.ssl_1.0.0.v20140827-1444.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Verve.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\PresentationFramework.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\UrbanPhotoAlbum.potx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\bNext-hot.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Edmonton 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.ecore_2.10.1.v20140901-1043\META-INF\MANIFEST.MF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\WB00673L.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsPreviewTemplate.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\spu\liblogo_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\graph_over.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\next_rest.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099181.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02062U.BMP 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Library\Analysis\FUNCRES.XLAM 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\CATALOG.DPV 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Triedit\en-US\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\AddInViews\Microsoft.VisualStudio.Tools.Applications.Runtime.v9.0.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD00799_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE03257_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02417U.BMP 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_box_top.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Guadalcanal 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE02957_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Biscay\TAB_ON.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MEDIA\BOMB.WAV 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Templates\1033\FAX\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\WINWORD.EXE 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\mux\libmux_ps_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\logo.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Title_Page_Ref_PAL.wmv 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-awt.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OCRVC.DAT 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\BIZFORM.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\Notes_btn-back-static.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Helsinki 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\tr\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Portable Devices\sqmapi.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSORES.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Danmarkshavn 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-uihandler_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\LABEL98.POC 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\nb\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Google\Chrome\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\8.0\x86\vsta_ep32.exe 700a1s0ssssd7da.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Creston 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0098497.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\SNET.NET.XML 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGCAL.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\PNCTUATE.POC 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleUpdateCore.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\PresentationFramework.Luna.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\dt_shmem.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.docs_5.5.0.165303.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0237759.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OneNote\SendtoOneNoteFilter.gpd 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\ospintl.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\setup_wm.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\cronometer_dot.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\brt32.clx 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\RADIAL\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\license.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.win32.win32.x86_64.nl_zh_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\fonts\LucidaSansDemiBold.ttf 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\dark\e4-dark_basestyle.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Country.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\AFTRNOON\AFTRNOON.INF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\PIXEL\THMBNAIL.PNG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OARTCONV.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\WSS\107.accdt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00454_.WMF 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\1033\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Executive.thmx 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_search_down.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-waxing-gibbous.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_gray_few-showers.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Australia\Brisbane 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ACCDDSLM.DLL 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\sv\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Shared Gadgets\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\api-ms-win-crt-multibyte-l1-1-0.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\meta\art\02_frenchtv.luac 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\ink\1.0\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\th.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages_it.properties 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Solstice.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\button_left_over.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_box_right.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.css.core_0.10.100.v20140424-2042.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-coredump.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE00608_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Austin.eftx 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\FORMS\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\rtf_underline.gif 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_rainy.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_travel_Thumbnail.bmp 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Cayman 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02958_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15173_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\crashreporter.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\meta_engine\libfolder_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\rssLogo.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\win7.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0151067.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0200521.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14833_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-profiling_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\playlist\appletrailers.luac 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\en-US\gadget.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0230553.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Americana.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\LightSpirit.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\CROATIAN.TXT 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152590.WMF 700a1s0ssssd7da.exe File created C:\Program Files\Reference Assemblies\Microsoft\Framework\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_description_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\system_settings.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\fonts\LucidaSansRegular.ttf 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Monterrey 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.httpcomponents.httpcore_4.2.5.v201311072007.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-keyring_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\PICSTYLES.DPV 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\playlist\anevia_xml.luac 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libddummy_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\PST8PDT 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02862_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Adjacency.thmx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD21315_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Belem 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Indiana\Vevay 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00042_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Data.Linq.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_ja_4.4.0.v20140623020002\license.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0158071.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows NT\TableTextService\TableTextServiceDaYi.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\WebToolImages16x16.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormToolImages.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\rtf_italic.gif 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\uz\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\boxed-delete.avi 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\symbols.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\title_trans_notes.wmv 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107342.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\CMNTY_01.MID 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\OUTLOOK.HOL 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\et\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\Locales\da.pak 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.emf.ecore_2.10.1.v20140901-1043.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15023_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\BrightOrange\background.gif 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\TextConv\WksConv\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\az.txt 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Americana\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-waning-crescent_partly-cloudy.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-waning-gibbous.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02069J.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ogalegit.dll 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\System\Ole DB\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\ba.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\title_stripe.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\security\local_policy.jar 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\ff\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Santiago 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-host.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\button_mid.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\STORYVERTBB.DPV 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\ja\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Roses.htm 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-lib-uihandler_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN01084_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0234000.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0212701.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libkaraoke_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.addons.swt.nl_zh_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN00965_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0237336.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14868_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jconsole.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01772_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\bg_LightSpirit.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\gadget.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Niue 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\rjmx.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\README.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\SCDRESNS.ICO 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\el\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\drag.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\VDK10.LIC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\JOURNAL\JOURNAL.INF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\highlight.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\DBGHELP.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGCAL.DPV 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ENGLISH.LNG 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\oskmenu\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Kamchatka 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00192_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Technic.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\LAYERS\PREVIEW.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\InformationIconMask.bmp 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\graph_up.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\TabTip32.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\logo.png 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins3d\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\Form.zip 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH01329_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15057_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Maroon.css 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\fur\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD14539_.GIF 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\ff\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\splashscreen.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0382939.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18250_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\WebKit.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jetty.continuation_8.1.14.v20131031.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\BrightOrange\BUTTON.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\RTFHTML.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\css\settings.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.ComponentModel.DataAnnotations.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\wmlaunch.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\timer_up.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\en-US\js\highDpiImageSwap.js 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyMainBackground.wmv 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.reconciler.dropins_1.1.200.v20131119-0908.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Gaza 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\SegoeChess.ttf 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH02312_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsPrintTemplate.html 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows NT\TableTextService\en-US\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\EMSMDB32.DLL 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Stationery\1033\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\10.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\7.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\msadc\adcjavas.inc 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Tokyo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes.nl_ja_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BD08868_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01183_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0145879.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\TR00097_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Trek.xml 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\SpeechEngines\Microsoft\TTS20\en-US\enu-dsk\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\16_9-frame-highlight.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-javahelp_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\North_Dakota\Beulah 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\mn\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\cryptocme2.sig 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\server_lg.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\in_sidebar\bg_sidebar.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.help.ui.nl_zh_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Paramaribo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099165.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\SECRECS.ICO 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Hand Prints.htm 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\unpack200.exe 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.console_5.5.0.165303\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Kiritimati 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Stationery\1033\JUNGLE.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\browser\VisualElements\VisualElements_150.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\nn\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\flower_h.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Module.eftx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Word.en-us\SETUP.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\org-openide-util-enumerations.xml_hidden 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152430.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02291U.BMP 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\grayStateIcon.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsScenesBackground_PAL.wmv 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_de_DE.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MSOUC.EXE 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\{AC76BA86-7AD7-1033-7B44-A90000000001}\Setup.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Full\dotsdarkoverlay.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\HST 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105588.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0239935.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR30F.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.components.ui_5.5.0.165303.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\javacpl.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BD00146_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Executive.eftx 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\lua\http\requests\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_flac_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.IO.Log.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jetty.util_8.1.14.v20131031.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Cayenne 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02758U.BMP 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR4B.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-modules.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-lib-profiler-common_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\COUPON.POC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\RESUME.DPV 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\FRAR\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\PowerPoint.en-us\SETUP.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\btn-next-static.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Internet Explorer\jsdebuggeride.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02759J.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\CALSO11.POC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\kn\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Orange Circles.htm 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\images\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-options-keymap_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\sound.properties 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE00633_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\icons\day-of-week-16.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0241781.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\images\dial_lrg_sml.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Edmonton 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD02075_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR19F.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolIcons\INDOMAIN.ICO 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\boxed-correct.avi 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\VGX\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\dt_socket.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\ext\locale\updater_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\browser\crashreporter-override.ini 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\add_up.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\Certificates\Verisign\Components\VS_ComponentSigningIntermediate.cer 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\WinFXList.xml 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\sk\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waxing-crescent_partly-cloudy.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\14\BIN\1033\FPEXT.MSG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\ado\msado21.tlb 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\calendars.properties 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01154_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\Install\{790FB95E-131F-4B1A-93CD-438F382AB794}\81.0.4044.129_chrome_installer.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Lisbon 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01838_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME15.CSS 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jmap.exe 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0212661.WMF 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\skins\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\drag.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\TextFile.zip 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Media Player\WMPDMCCore.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\jce.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH00636_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10299_.GIF 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\Sounds\Places\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\CASCADE\CASCADE.INF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.browser.attach_5.5.0.165303.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ui.sdk_1.0.300.v20140407-1803.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\VERSION.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\NAVBARV.POC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\SOCIALPROVIDER.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WNTER_01.MID 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\rtf_hyperlink.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\api-ms-win-crt-process-l1-1-0.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\mk\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\7zCon.sfx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\WATER\PREVIEW.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\VERSION.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\deploy\messages_zh_TW.properties 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-bg_gloss-wave_35_f6a828_500x100.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.Routing.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105336.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_gray_few-showers.png 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\en-US\enu-dsk\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\numbers\numbase.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\org-openide-options.xml_hidden 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_pt-BR.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Internet Explorer\DiagnosticsHub_is.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-core-io-ui.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Concourse.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Csi.dll 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\zu\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\numbers.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\BORDERBB.POC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\LABEL.DPV 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\gl\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0171685.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0216874.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libtrivial_channel_mixer_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Legal\ENU\license.html 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\update_tracking\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\SystemV\MST7 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Defender\MpCmdRun.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\Network Sharing\ContentDirectory.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0183172.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0215076.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0382927.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME44.CSS 700a1s0ssssd7da.exe File opened for modification C:\Program Files\FindConfirm.dot 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\jfxrt.jar 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Portal\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MAPIPH.DLL 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\si\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\dialogs\browse_window.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_blue_windy.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\BOLDSTRI\BOLDSTRI.ELM 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\REFINED\THMBNAIL.PNG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\icons\diagnostic-command-16.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-compat_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\GreenTea.css 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\lg\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\visualization\libprojectm_plugin.dll 700a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ui.sdk.scheduler.nl_zh_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\org-netbeans-lib-profiler-charts.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\cmm\PYCC.pf 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Pitcairn 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_left_disabled.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.databinding.beans.nl_zh_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-swing-plaf_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\TR00482_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01743_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\SoftBlue.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\ProjectTool\Project Report Type\Fancy\Hierarchy.xsl 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\9.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\FlickAnimation.avi 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\ENFR\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01148_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME02.CSS 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins3d\3difr.x3d 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0298653.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR22F.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\RedistList\FrameworkList.xml 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\lua\meta\reader\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PPINTL.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\VSTOInstaller.config 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\javap.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\launcher.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\META-INF\ECLIPSE_.RSA 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Oasis\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\js\calendar.js 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Filters\odffilt.dll 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\bin\plugin2\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\MST7MDT 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\fr\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\ECLIPSE\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0382931.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02503U.BMP 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\InfoPathOM\InfoPathOMFormServices\Microsoft.Office.Infopath.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.metadata.nl_ja_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02423_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\Contacts.accdt 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\de\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Trek.eftx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\OMSSMS.CFG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\VIEW.JS 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\DELETE.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Indiana\Indianapolis 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.e4.rcp_1.3.100.v20141007-2033\license.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.directorywatcher_1.1.0.v20131211-1531.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE00014_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR43B.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ar\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\in_sidebar\bg_sidebar.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\server_issue.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Access.en-us\SETUP.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\plugin.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\TR00116_.WMF 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\1033\DataServices\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\34.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\utilityfunctions.js 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ONENOTEMANAGED.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\WSIDBR98.POC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\SATIN\SATIN.ELM 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jface.databinding.nl_zh_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\jfxwebkit.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\BORDERS\MSART8.BDR 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\QP.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.Entity.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\IA32.api 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\WPGIMP32.FLT 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.engine.nl_zh_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21481_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Oasis\TAB_ON.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\icon.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\charsets.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Vancouver 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0382961.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\skins\skin.catalog 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.ecore_2.10.1.v20140901-1043\META-INF\eclipse.inf 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_output\libcaca_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_blue_sun.png 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Sync Framework\v1.0\Documentation\1033\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\instrument.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.sun.el_2.2.0.v201303151357.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00248_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\IMAGE.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\SketchIconImages.bmp 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\FormsFormTemplate.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\SPANISH.LNG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libdtv_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Internet Explorer\ielowutil.exe 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\core\locale\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Pyongyang 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0195428.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\en-US\enu-dsk\M1033DSK.UNT 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\120DPI\(120DPI)grayStateIcon.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\psfont.properties.ja 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Median.eftx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\Gadget_Main_Background_Loading.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\120DPI\(120DPI)alertIcon.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Full\NavigationUp_SelectionSubpicture.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MEDIA\CHIMES.WAV 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\api-ms-win-crt-time-l1-1-0.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\button_right_mousedown.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGWEBREF.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGWEBSBR.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\WORDIRMV.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\VBAJET32.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\locale\boot_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH00687_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR51B.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\icons\console_view.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\SIGN.DPV 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\WindowsBase.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\24.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.flightrecorder.controlpanel.ui.ja_5.5.0.165303.jar 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Swirl\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsViewFrame.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGMN107.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\EQUATION\eqnedt32.exe.manifest 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\XmlFile.zip 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\Java\jre7\lib\zi\Africa\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR25F.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\VIEW.ICO 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\bg_TexturedBlue.gif 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\nl-NL\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\RMNSQUE\RMNSQUE.INF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui_5.5.0.165303.jar 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\hint_down.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00305_.WMF 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\mr\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\am\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi422_i420_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00935_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_left_disabled.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-new_partly-cloudy.png 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\Smart Tag\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Adelaide 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\amd64\jvm.cfg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE03795_.WMF 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-execution_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00247_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00392_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\CALENDAR.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\he\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\Locales\am.pak 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HM00172_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\TAIL.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\SlateBlue.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\Sounds\People\SNEEZE.WAV 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02253_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\BrightYellow.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Premium.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\cronometer_settings.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\ro.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ar-SA\tipresx.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\NavigationRight_SelectionSubpicture.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00234_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libx264_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_box_divider_right.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\rmic.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.sat4j.core_2.3.5.v201308161310.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00532_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\SIDEBARBB.POC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Oasis\HEADER.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGPUNCT.DPV 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\Locales\de.pak 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\fr-FR\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\update_tracking\org-netbeans-lib-profiler-ui.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Bishkek 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Pontianak 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Templates\1033\Access\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.ServiceModel.Web.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\WidevineCdm\manifest.json 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\SATIN\PREVIEW.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\java_crw_demo.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD21324_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsPrintTemplate.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\FormsMacroTemplate.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libvpx_plugin.dll 700a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe\Updater6\AdobeUpdate.cer 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Bucharest 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\javax.xml_1.3.4.v201005080400.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Amman 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10335_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\Microsoft.VisualC.STLCLR.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\novelty_s.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\POSTITL.ICO 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\Locales\lv.pak 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\klist.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Indiana\Vincennes 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18187_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\en-US\mip.exe.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\XML Files\StarterNotificationDescriptors.xml 700a1s0ssssd7da.exe File created C:\Program Files\WindowsPowerShell\Configuration\Schema\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_box_divider_left.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\keypad.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0241773.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14792_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR33F.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libantiflicker_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\ENU\VDK10.SYD 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\pdfshell.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\INDUST\INDUST.INF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.databinding.observable.nl_zh_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02270_.WMF 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\BrightYellow\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\CASCADE\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\button-highlight.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099170.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Journal\jnwppr.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Media Player\Media Renderer\connectionmanager_dmr.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Postage_SelectionSubpicture.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Cuiaba 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\1033\OFFICE10.MML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\hr\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0382967.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\RE00006_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00486_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGSIDEBRV.XML 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\System\Ole DB\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\16_9-frame-image-inset.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\VideoWall\203x8subpicture.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-print.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\rss_headline_glow_flyout.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Hebron 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0195342.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\SplashScreen.zip 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\11.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BD07831_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGACCBAR.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\Accessible.tlb 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\gl\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\DvdTransform.fx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\Title_select-highlight.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\TravelIntroToMain.wmv 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.forms.nl_zh_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\js\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\720x480icongraphic.png 700a1s0ssssd7da.exe File created C:\Program Files\Java\jre7\lib\zi\America\Indiana\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows NT\Accessories\en-US\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Grand_Turk 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099150.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\EADOCUMENTAPPROVAL_INIT.XSN 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-host-remote_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\deploy\ffjcext.zip 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO01063_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\misc.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Smart Tag\MOFL.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\1047x576black.png 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.help_2.0.102.v20141007-2301\META-INF\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\tools.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libscaletempo_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-dialogs_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\pe.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD00234_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107358.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18234_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR47F.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Enderbury 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\META-INF\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench3_0.12.0.v20140227-2118.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\playlist\rockbox_fm_presets.luac 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-last-quarter.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152894.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\TN00330_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR44F.GIF 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.rcp_4.4.0.v20141007-2301\META-INF\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.greychartplugin_5.5.0.165303.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\javafx-iio.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Manila 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Biscay.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\br.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\GreenTea.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Juneau 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0090777.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0384862.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\WB01741L.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Moncton 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099176.WMF 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\wa\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Smart Tag\FBIBLIO.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\CANYON\CANYON.ELM 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Title_Page.wmv 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Tripoli 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Slate\TAB_OFF.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\OriginResume.Dotx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\libEGL.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\images\Folder-48.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Orange Circles.htm 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01245_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\J0143753.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10254_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\liba52_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\flower.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Internet Explorer\sqmapi.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_gray_foggy.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jetty.server_8.1.14.v20131031.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MSACC.OLB 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\UKRAINE.TXT 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows NT\TableTextService\TableTextServiceAmharic.txt 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Help\1031\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.rcp.product_5.5.0.165303\feature.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.net_1.2.200.v20140124-2013.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME41.CSS 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\TWRECE.DLL 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\PUBWIZ\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\Network Sharing\wmpnss_bw120.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\tile16.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\icons\alert_obj.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Stockholm 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00345_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\bg_FormsHomePageBlank.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.css.swt.theme_0.9.300.v20140424-2042.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\macHandle.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Indian\Christmas 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD00361_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Sand_Paper.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\SUMIPNTG\SUMIPNTG.INF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\sawindbg.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Tahiti 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE02950_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\QuickStyles\Formal.dotx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.COM.MX.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\wab32res.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR50B.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\TASKREQ.CFG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\bg_GreenTea.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\COPYING.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\J0143749.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Urban.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD15155_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\fur\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_frame-imageMask.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\ext\sunjce_provider.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\London 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\SystemV\CST6 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_right_disabled.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\OrielReport.Dotx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libimem_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\eng.hyp 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\TextConv\MSCONV97.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\META-INF\ECLIPSE_.RSA 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Africa\Windhoek 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\BrightYellow\TAB_ON.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\button_mid_disable.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OFFRHD.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\ExecutiveMergeLetter.dotx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\passport_mask_right.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\META-INF\ECLIPSE_.SF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-windows_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\TASKL.ICO 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DVDHM.POC 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\images\dial_lrg.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE00668_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSACCESS_F_COL.HXK 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\REPORT.CFG 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Library\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Connectivity.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\16_9-frame-background.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-lib-uihandler.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Atlantic\Cape_Verde 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSSOAP30.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\management.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00726_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0281008.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\UnreadIconImages.jpg 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\or\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\wab32.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\QuickStyles\Modern.dotx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\1047x576_91n92.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.css.swt.nl_ja_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Aspect.eftx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15059_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_left_rest.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\AXIS\AXIS.INF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\amd64\jvm.cfg 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Oasis\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\uk\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft SQL Server Compact Edition\v3.5\sqlceqp35.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_box_left.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_de.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\feature.properties 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-swing-plaf.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14829_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGSTORY.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-first-quarter_partly-cloudy.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CharSetTable.chr 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\rtf_decreaseindent.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\NewProtect.M2V 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\Services\verisign.bmp 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\gadget.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_close_over.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Data.Services.Design.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.flightrecorder.configuration_5.5.0.165303.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-multiview_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0382925.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\logo.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Indiana\Winamac 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0090070.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01629_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\RADIO.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libbluescreen_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\en-US\TipTsf.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Khartoum 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Mazatlan 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-openide-text.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN04174_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jrunscript.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Guyana 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105250.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\144DPI\(144DPI)alertIcon.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02743G.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Sts2.css 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Media Player\en-US\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\mk.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\shadowonlyframe_buttongraphic.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Almaty 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-templates_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH01235U.BMP 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\EntityPickerIntl.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\OUTLPERF.H 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\DLGSETP.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-host-views.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\SystemV\AST4 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105600.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0290548.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Americana\TAB_OFF.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\STORYVERTBB.POC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\ProjectStatusReport.potx 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\AcroForm\adobepdf.xdc 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\EXPEDITN\EXPEDITN.INF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\WB02214_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\XLINTL32.DLL.IDX_DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\mset7es.kic 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\km\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ko\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\cloud_Thumbnail.bmp 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-bootstrap.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\deploy\messages_zh_CN.properties 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0086432.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE03331_.WMF 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\plugins\visualization\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\drag.png 700a1s0ssssd7da.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jvisualvm.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.flightrecorder_5.5.0.165303.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-options-api_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CONVERT\OLTASK.FAE 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\8.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OneNoteSyncPC.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\Ole DB\en-US\msdasqlr.dll.mui 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.engine\profileRegistry\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105504.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02791_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\15.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0198226.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Bibliography\Sort\YEAR.XSL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_box_right.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\mraut.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Magadan 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.felix.gogo.runtime_0.10.0.v201209301036.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.win32.win32.x86_64_1.1.200.v20141007-2033\META-INF\MANIFEST.MF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0089945.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\TEXTVIEW.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\en-US\Sidebar.exe.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\diner_settings.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\25.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\RADIAL\RADIAL.INF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152622.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0217872.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0382930.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_fr.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0240175.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14530_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Solutions\Generic.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\email_all.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft.NET\RedistList\AssemblyList_4_extended.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\pkeyconfig.companion.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\java-rmi.exe 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Photo Viewer\ImagingEngine.dll 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Anadyr 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-application_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0183574.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\api-ms-win-crt-runtime-l1-1-0.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Kosrae 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.ecore_2.10.1.v20140901-1043\feature.properties 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\ApothecaryNewsletter.dotx 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\12.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Analysis Services\AS OLEDB\10\Resources\1033\msmdsrv.rll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18197_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR49B.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\XOCR3.PSP 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\eo.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\ado\msadox.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Postage_ButtonGraphic.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.mbeanbrowser_5.5.0.165303.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libhds_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\cronometer_settings.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Defender\en-US\MpEvMsg.dll.mui 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Microsoft Visual Studio 8\SDK\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\base-undocked-3.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_image-frame-border.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\passportcover.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-loaders_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\libxslt.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Wordconv.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\requests\browse.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\TipBand.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-swing-outline_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Earthy.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\BG_ADOBE.GIF 700a1s0ssssd7da.exe File created C:\Program Files\Windows Mail\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\en-US\msadcfr.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Ashgabat 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0195254.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE00478_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15272_.GIF 700a1s0ssssd7da.exe File created C:\Program Files\Java\jre7\lib\applet\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\IPOLK.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\tipresx.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\tipskins.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Lime\TAB_ON.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\en-US\js\init.js 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\120DPI\(120DPI)greenStateIcon.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CLVIEW.EXE 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\DATETIME.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\SAMPLES\SOLVSAMP.XLS 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\an\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\jconsole.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\core\org-openide-filesystems.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-actions_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-jvm.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\rss.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\PNG32.FLT 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.databinding.beans_1.2.200.v20140214-0004.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGTOC.DPV 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\MedianMergeLetter.Dotx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_filter\librecord_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\AppInfoDocument\AddIns.store 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\WTSP61MS.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Bougainville 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN04225_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Microsoft.Office.BusinessApplications.RuntimeUi.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\BLUECALM\PREVIEW.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\NavigationUp_ButtonGraphic.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD00564_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_ar.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\RequestDisconnect.php 700a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\en-US\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\en-US\wmpnscfg.exe.mui 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\MSInfo\en-US\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1033\MSOINTL.DLL.IDX_DLL 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.core\cache\binary\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\winXPBlue.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT+6 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\msdasc.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\81.0.4044.129\81.0.4044.129_chrome_installer.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ga\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\29.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\22.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\Ole DB\en-US\sqlxmlx.rll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Indiana\Knox 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0215709.WMF 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\3082\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\JOURNAL\PREVIEW.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\TR00095_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\bg_Country.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\daisies.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-lib-profiler-ui_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD00814_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_a52_plugin.dll 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Annotations\Stamps\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages.properties 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\hprof.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\InfoPathOM\InfoPathOMV12\Microsoft.Office.Infopath.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.common_2.10.1.v20140901-1043\feature.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD00428_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Internet Explorer\msdbg2.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.help.base_4.0.200.v20141007-2301.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\SoftBlue\TAB_OFF.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR22F.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\MEIPreload\manifest.json 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_search_over_BIDI.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\CoolType.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\VisualElements\LogoCanary.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Oslo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\Certificates\Verisign\Components\VeriSign_Class_3_Code_Signing_2001-4_CA.cer 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\MENUS.JS 700a1s0ssssd7da.exe File created C:\Program Files\MSBuild\Microsoft\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft.NET\Primary Interop Assemblies\Microsoft.mshtml.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107724.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0182689.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02051_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18199_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\1047x576black.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ecf.ssl_1.1.0.v20140827-1444.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\ext\sunjce_provider.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00526_.WMF 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\PUBBA\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\zh_TW\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroTextExtractor.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_ring_docked.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14753_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14755_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\bg_SlateBlue.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsMacroTemplate.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\diner_s.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\pause_down.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\bNext-disable.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waxing-crescent.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0315580.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02437_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\OUTLLIBR.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libaccess_concat_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OCRHC.DAT 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\glow.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPCEXT.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\BORDERS\MSART3.BDR 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\DELETE.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\BabyBlue.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libchain_plugin.dll 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\WidevineCdm\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-modules-appui_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0196142.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14513_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsVersion1Warning.htm 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\cgg\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\30.png 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\HostSideAdapters\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\ARFR\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\RADIAL\PREVIEW.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Composite.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FORM.JS 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\en-US\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\item_hover_floating.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\OFFICE10.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MSN.ICO 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\cronometer_m.png 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\PublicAssemblies\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-applemenu.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Black Tie.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD21336_.GIF 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\MEDIA\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\el.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\NavigationUp_SelectionSubpicture.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Yakutat 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-javahelp_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ONPPTAddin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\DataType\Address.accft 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\MSTTSCommon.dll 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\en-US\js\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL081.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\BS4BOXES.POC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\SHAREPOINTPROVIDER.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_zh-CN.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\EXPEDITN\EXPEDITN.ELM 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\setEmbeddedCP.bat 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21365_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\XLSLICER.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Waveform.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR41F.GIF 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\hy\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Photo Viewer\en-US\PhotoAcq.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\CompareInitialize.m4a 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\Rio_Gallegos 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-keyring-fallback.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0216612.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT+2 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107158.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0151047.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14871_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105520.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-full.png 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\en-US\css\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CONVERT\1033\OLMAILR.FAE 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\services_discovery\libsap_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-last-quarter_partly-cloudy.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Defender\MsMpLics.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\sonicsptransform.ax 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-progress-ui.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00274_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\CAGCAT10.MMW 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Antarctica\Syowa 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Analysis Services\AS OLEDB\10\msolap100.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\SETLANG.EXE 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\nss3.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\penkor.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\psuser_64.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Hovd 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107364.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01240_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\OFFREL.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Stockholm 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0315447.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libaraw_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0251301.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\ProjectStatusIcons.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGWEBHD.DPV 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\bg\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\BLUECALM\THMBNAIL.PNG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-5 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.widgets.nl_ja_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105410.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\Microsoft.Build.Framework.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows NT\TableTextService\TableTextServiceDaYi.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\SCHDREQ.CFG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\misc\libvod_rtsp_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\8.0\Microsoft.VisualStudio.Tools.Applications.DesignTime.tlb 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\MDIParent.zip 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\auxpad\auxbase.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derbynet.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.touchpoint.natives_1.1.100.v20140523-0116.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BD00116_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\AlertImage_Off.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libaudiobargraph_a_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_single_bkg_orange.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_box_divider_right.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\dtplugin\npdeployJava1.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01298_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\FONTSCHM.INI 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\BORDERS\MSART7.BDR 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\DataSet.zip 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Portable Devices\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Word.en-us\WordMUI.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\TextConv\WPFT532.CNV 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveDocumentReview\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\gmp-clearkey\0.1\manifest.json 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libcdda_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_stats_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\drag.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\META-INF\MANIFEST.MF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.osgi.services.nl_zh_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AG00021_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0313974.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18221_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-last-quarter.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_windy.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\META-INF\eclipse.inf 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\MST7MDT 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01157_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0153273.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01166_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD10256_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Solutions.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\intf\modules\host.luac 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libposterize_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\META-INF\ECLIPSE_.SF 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\dark\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.frameworkadmin_2.0.100.v20131209-2144.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-jvm.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\wxpr.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libvdr_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Whitehorse 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Antarctica\Macquarie 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105306.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02404_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\update_tracking\org-netbeans-modules-profiler.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Analysis Services\AS OLEDB\10\msmgdsrv.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Microsoft.Office.Interop.InfoPath.Xml.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\images\glass_lrg.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\mshwLatin.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\sv-SE\tipresx.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Heart_VideoInset.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-core-kit_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01143_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10268_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Stationery\1033\JUNGLE.HTM 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.Routing.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\ffjcext.zip 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.extensionlocation.nl_ja_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01630_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_mr.dll 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\en-US\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\SettingsInternal.zip 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_gray_hail.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.help.nl_ja_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Riyadh89 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\WB02187_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\rtf_choosecolor.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_gray_thunderstorm.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waxing-gibbous.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification.ja_5.5.0.165303.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21480_.GIF 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\OneNote\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\13.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\NotifierWindowMaskRTL.bmp 700a1s0ssssd7da.exe File created C:\Program Files\MSBuild\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\IA2Marshal.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libnormvol_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\tabskb.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Sao_Paulo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01179_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18191_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\warning.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AG00092_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0183174.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_hail.png 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\System\msadc\en-US\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.help.ui_4.0.100.v20140401-0608.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4_classic_win7.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Tehran 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\ja-JP\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\XML Files\builtincontrolsschema.xsd 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\LABEL.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Library\Analysis\ANALYS32.XLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libsamplerate_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\ado\msadox28.tlb 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\SPRING\SPRING.INF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\Ole DB\msdasqlr.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\server\classes.jsa 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105638.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\javaws.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21366_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\chrome.exe.sig 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0153087.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME31.CSS 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\trad_s.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-api-annotations-common.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\tnameserv.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\fontconfig.bfc 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Indian\Reunion 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\images\cursors\invalid32x32.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Warsaw 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR2B.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\intf\cli.luac 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\1033\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\en-US\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\AboutBox.zip 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Yakutsk 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01161_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\BrightOrange.css 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\SAMPLES\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\bg_Groove.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Lime.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libx26410b_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-full_partly-cloudy.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\fonts\LucidaSansRegular.ttf 700a1s0ssssd7da.exe File created C:\Program Files\Java\jre7\lib\zi\SystemV\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02810J.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PPINTL.DLL.IDX_DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0341554.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE00685_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\derby_common.bat 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4_classic_winxp.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-sampler.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0309664.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\javax.servlet_3.0.0.v201112011016.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\update_tracking\org-netbeans-modules-profiler-oql.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\fonts\LucidaBrightDemiBold.ttf 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21433_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\HostSideAdapters\Microsoft.VisualStudio.Tools.Applications.HostAdapter.v10.0.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\keytool.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\images\cursors\win32_LinkDrop32x32.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\EADOCUMENTAPPROVAL_REVIEW.XSN 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\NotifierDisableDownArrow.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\ext\meta-index 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libball_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\usa03.hsp 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\4.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\tzmappings 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02024_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libmjpeg_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_box_left.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Internet Explorer\DiagnosticsTap.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01761_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02125_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0298897.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR1B.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\Part\2 Top.accdt 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\th\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\vlc-cache-gen.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\en-US\js\cpu.js 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\hwruksh.dat 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jinfo.exe 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Analysis Services\AS OLEDB\10\Resources\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0233512.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\PipelineSegments.store 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\MUSIC_01.MID 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveDocumentReview\BodyPaneBackground.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_gray_snow.png 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\BLUECALM\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.rcp_5.5.0.165303\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Indian\Chagos 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Tirane 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\BrightOrange\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGMN090.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VGX\VGX.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-core-windows.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-sampler.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PARNT_02.MID 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\en-US\gadget.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107514.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0238927.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01219_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Angles.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN00914_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH01080_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Waveform.eftx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0233312.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0304933.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\FORM.JS 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\{AC76BA86-7AD7-1033-7B44-A90000000001}\Data1.cab 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-application-views_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD15034_.GIF 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\id\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_left_pressed.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0198494.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SY00560_.WMF 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\BrightYellow\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libcc_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\North_Dakota\Beulah 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-io-ui_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH00688_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0153302.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\msdaremr.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\system_dot.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\images\glass_lrg.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\Part\1 Right.accdt 700a1s0ssssd7da.exe File created C:\Program Files\WindowsPowerShell\Configuration\Registration\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_uk.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\16-on-black.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\update_tracking\org-netbeans-modules-profiler-snaptracer.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Boise 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Antarctica\Vostok 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Microsoft.Office.BusinessData.xml 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\js\RSSFeeds.js 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_zh_4.4.0.v20140623020002\feature.properties 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\SplashImageMask.bmp 700a1s0ssssd7da.exe File created C:\Program Files\Mozilla Firefox\defaults\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins3d\prc\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\ProjectTool\Project Report Type\Fancy\Hierarchy.js 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\NL7Data0011.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\BANNER.DPV 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\wmprph.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PARNT_06.MID 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO01569_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\bg_SlateBlue.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\OUTLOOK.DEV_F_COL.HXK 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.Extensions.Design.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Andorra 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.intro.nl_ja_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Oriel.eftx 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\TURKISH.TXT 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\msadc\msadcer.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-editor-mimelookup-impl.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\Sounds\People\MMHMM.WAV 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\dialogs\stream_config_window.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\can.hyp 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-api-search_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152626.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18232_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\TASKACCL.ICO 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\eng32.clx 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\flower.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\gadget.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\it-IT\tipresx.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE00898_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR7F.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\triangle.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MLCFG32.CPL 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroBroker.exe 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\AddInSideAdapters\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Mozilla Maintenance Service\logs\maintenanceservice-install.log 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Antarctica\Troll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT+10 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD10219_.GIF 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\PROOF\3082\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\bPrev-hot.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Argentina\Mendoza 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01268_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\nb\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipsita.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\SLATE\PREVIEW.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\SUMIPNTG\THMBNAIL.PNG 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_zh_4.4.0.v20140623020002\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01473_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0205582.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\1px.gif 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Google\Chrome\Application\SetupMetrics\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages_sv.properties 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.core.feature_1.3.0.v20140523-0116\feature.properties 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN01218_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE00686_.WMF 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\7-Zip\Lang\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Shorthand.emf 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0292286.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01468_.WMF 700a1s0ssssd7da.exe File created C:\Program Files\Windows Photo Viewer\en-US\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.swt_3.103.1.v20140903-1938.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR4F.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsHomePageStyle.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libau_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\msproof7.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\UrbanMergeLetter.Dotx 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\Microsoft.Build.Engine.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VC\msdia100.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\1047x576black.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-core.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME24.CSS 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE02278_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\1033\CAGCAT10.MML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0234657.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\info.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-masterfs_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\instrument.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BS00453_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH00526_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waxing-crescent_partly-cloudy.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\Attachments.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Santo_Domingo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN04385_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE00726_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10297_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0185818.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE02169_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE05665_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Microsoft.Office.BusinessApplications.Runtime.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office32.WW\Office32WW.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\16_9-frame-overlay.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\jce.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.historicaldata.ja_5.5.0.165303.jar 700a1s0ssssd7da.exe File created C:\Program Files (x86)\MSBuild\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\trad.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\J0115835.GIF 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\cgg\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\SPPlugins\ADMPlugin.apl 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft.NET\Primary Interop Assemblies\msdatasrc.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Notes_LOOP_BG.wmv 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx.ja_5.5.0.165303.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0200279.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00390_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN02559_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Defender\MpClient.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\1033\MSOINTL.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Cartridges\as90.xsl 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\Passport.wmv 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\VideoWall\videowall.png 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\configuration\org.eclipse.update\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\LimitExit.iso 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\msadcf.dll 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\BORDERS\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.SE.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\HEADINGBB.DPV 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\ENU\Vdk10.rst 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\INVITE.DPV 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Media Player\mpvis.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02417_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Oriel.thmx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21375_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD14768_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32Info.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Qyzylorda 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-ui_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-attach.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME37.CSS 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT-5 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AG00038_.GIF 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_es.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\OneNote.en-us\OneNoteMUI.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\4to3Squareframe_SelectionSubpicture.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\Cordoba 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Khandyga 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSACCESS.HXS 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CONVERT\TRANSMGR.DLL 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\can32.clx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02028_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\FLYER98.POC 700a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\css\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\logsession.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipsptb.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1033\ACEWSTR.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1033\MSOINTL.REST.IDX_DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\Ole DB\oledbvbs.inc 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OMML2MML.XSL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\FORM98.POC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\images\Other-48.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\next_hov.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_image-frame-ImageMask.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\security\java.policy 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0199036.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\TASKREQL.ICO 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\penchs.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\en-US\oledb32r.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\en-US\WMPSideShowGadget.exe.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\30.png 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\LEVEL\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Access.en-us\AccessMUI.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0250997.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0299125.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0287643.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18222_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\mozavcodec.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Filters\msgfilt.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\EST5 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\ext\jaccess.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0157191.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AG00004_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH01265U.BMP 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\buttonDown_On.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\SKY\SKY.ELM 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\SpringGreen\TAB_OFF.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\PDDom.api 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\button_left.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\en-US\js\library.js 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\javafx.properties 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\dropins\README.TXT 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-host-views_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0302953.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01123_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\SpringGreen\BUTTON.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR15F.GIF 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\da\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\IpsMigrationPlugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\images\cursors\win32_MoveDrop32x32.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-spi-actions.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Godthab 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00462_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR11F.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\120DPI\(120DPI)notConnectedStateIcon.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\VisualElements\Logo.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Noronha 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.workbench.nl_ja_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105386.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105496.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\INFOPATH_K_COL.HXK 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows NT\TableTextService\TableTextServiceSimplifiedQuanPin.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\play-static.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\CRANE.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152696.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01330_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Origin.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\zh_TW\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.en_US_POSIX.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTO\vstoee90.tlb 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0382948.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\1049\hxdsui.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.mbeanbrowser.ja_5.5.0.165303.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-print.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-core_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN01174_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\MyriadPro-BoldIt.otf 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACEDAO.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-masterfs.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\BabyBlue\TAB_ON.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows NT\TableTextService\TableTextServiceArray.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0174952.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00221_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\LoginDialogBackground.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Office Word 2003 Look.dotx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\menu_style_default_Thumbnail.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\.lastModified 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-profiler_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\deploy.jar 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\en-US\js\weather.js 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\WB02134_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21435_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD21323_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\browser\VisualElements\VisualElements_70.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL107.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft.NET\Primary Interop Assemblies\Microsoft.stdformat.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Rainy_River 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Chatham 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\BDRTKFUL.POC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\platform.ini 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-lib-uihandler.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0183290.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10266_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\settings.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\ShadesOfBlue.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Khandyga 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\jvm.lib 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\attention.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN04323_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE03466_.WMF 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\az\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\timer_down.png 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\ro-RO\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\rtstreamsink.ax 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\epl-v10.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-api-progress.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-last-quarter_partly-cloudy.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Ust-Nera 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD02068_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00183_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libtta_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Dili 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.jdp_5.5.0.165303.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.osgi.compatibility.state.nl_zh_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\jsound.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\misc\libxml_plugin.dll 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Uninstall Information\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\square_settings.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\WB02198_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\en-US\currency.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\NavigationUp_SelectionSubpicture.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-9 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-sampler_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Argentina\Rio_Gallegos 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libyuy2_i422_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\de.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\OIS_COL.HXT 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\TASKUPD.CFG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\images\Audio-48.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsBlankPage.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\mset7fr.kic 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libdiracsys_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_cs.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Chihuahua 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0251925.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\EXCEL_COL.HXC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\REMOTEL.ICO 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\SCDRESTL.ICO 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\21.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\EVRGREEN\THMBNAIL.PNG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SceneButtonInset_Alpha2.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0289430.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME29.CSS 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Wrinkled_Paper.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\pipres.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPAPERS.INI 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\validation.js 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.ES.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PPTICO.EXE 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Notes_LOOP_BG_PAL.wmv 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\deploy\messages_ko.properties 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN04355_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107496.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\lt\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\te\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\review_browser.gif 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Defender\en-US\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\AppInfoDocument\Microsoft.VisualStudio.Tools.Office.AppInfoDocument\Microsoft.VisualStudio.Tools.Office.AppInfoDocument.v9.0.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\MSBuild\Microsoft\Windows Workflow Foundation\v3.5\Workflow.VisualBasic.Targets 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Rankin_Inlet 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0185778.WMF 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\fa\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_rgb_mmx_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\DataType\Status.accft 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Journal\Templates\Graph.jtp 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\base_ca.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages_de.properties 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0148757.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PROOF\MSGR3ES.LEX 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18245_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSPUB_K_COL.HXK 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\meta\reader\filename.luac 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\144DPI\(144DPI)alertIcon.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-keyring_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Phoenix 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Athens 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Kosrae 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00352_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PSTPRX32.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\pt_PT\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\spu\libmarq_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\JPEGIM32.FLT 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\lib\pop3.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\winClassicHandle.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-api-progress.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\wmpconfig.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\WMPDMCCore.dll 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\control\libgestures_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\en-US\js\settings.js 700a1s0ssssd7da.exe File created C:\Program Files\Java\jre7\lib\zi\America\Argentina\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN00010_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0150861.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152690.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\bg-desk.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\babypink.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Lindeman 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02269_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MEDIA\WHOOSH.WAV 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02386_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18204_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME43.CSS 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ADDINS\BCSAddin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.rcp_5.5.0.165303\feature.properties 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\config\Modules\org-netbeans-modules-profiler-heapwalker.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\ext\meta-index 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Analysis Services\AS OLEDB\10\msmdlocal.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsTemplates\Hardware Tracker.fdt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\button_left_over.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\rtf_bullets.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\images\vlc-48.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02466U.BMP 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01839_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR35F.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\PFM\zx______.pfm 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Internet Explorer\Timeline.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\icons\flight_recorder.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-options_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0151073.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows NT\TableTextService\TableTextService.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\NavigationUp_ButtonGraphic.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\jsse.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099156.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Photo Viewer\PhotoBase.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Antarctica\Palmer 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0198021.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUB6INTL.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\logo.png 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Publisher.en-us\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\CGMIMP32.FLT 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipsdan.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Circle_SelectionSubpictureA.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE00231_.WMF 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ONWordAddin.dll 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Resources\1033\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\msadc\msadce.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\NavigationRight_ButtonGraphic.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Ashgabat 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.emf.ecore.change_2.10.0.v20140901-1043.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\settings.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\TaxonomyControl.dll 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Media Player\en-US\wmpnssci.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\tile16.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\resources.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\El_Aaiun 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.e4.rcp_1.3.100.v20141007-2033\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\AlertImage_ContactLow.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\AlertImage_FileHigh.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\ClassicPhotoAlbum.potx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\az\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\MSB1AR.LEX 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18228_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\bg_VelvetRose.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\PublicFunctions.js 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\rtf_choosecolor.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\3082\hxdsui.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\QUAD\QUAD.INF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD00687_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01163_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105266.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\PROPLUS\SETUP.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\macGrey.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0293238.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\SlateBlue.css 700a1s0ssssd7da.exe File created C:\Program Files\Windows NT\TableTextService\en-US\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\icon.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derbytools.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00270_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\BrightOrange\TAB_ON.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\NAMECONTROLSERVER.EXE 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGWEBSBR.DPV 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\lua\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Annots.api 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OWSSUPP.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\d3dcompiler_47.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ko-KR\tipresx.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02066_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\playlist\soundcloud.luac 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Mail\WinMail.exe 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\STUDIO\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\fontconfig.bfc 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGLINACC.DPV 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0106146.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\Certificates\groove.net\ManagedObjects\SignedManagedObjects.cer 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\sd\icecast.luac 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\en-US\mshwLatin.dll.mui 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\zh-TW\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\OSETUP.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\lib\jfluid-server.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Thule 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Document Parts\1033\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Maroon.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MEDIA\HAMMER.WAV 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_en.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0198447.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH01221K.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Composite.thmx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Urban.thmx 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Internet Explorer\en-US\jsprofilerui.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\bg_TexturedBlue.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\PresentationCore.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\plugin.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\New_York 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Kathmandu 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Composite.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\mset7tk.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL077.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\Students.accdt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\msadc\msadds.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Palau 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-attach_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105298.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\bg_Earthy.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Vienna 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\META-INF\MANIFEST.MF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-windows_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107734.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Africa\Monrovia 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\InfoPathWelcomeImage.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Casablanca 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\ant-javafx.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-settings.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0234266.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\bg_Earthy.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR7B.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\drag.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\winXPOlive.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Andorra 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00914_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0149627.WMF 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleUpdateSetup.exe 700a1s0ssssd7da.exe File created C:\Program Files\Windows Portable Devices\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\PublicAssemblies\Microsoft.VisualStudio.Tools.Applications.Adapter.dll 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\lv-LV\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Analysis Services\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\AUTOSHAP.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\EXPTOOWS.XLA 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\Sounds\Things\HORN.WAV 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ps\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\js\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\SPPlugins\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Checkers.api 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\BCSLaunch.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\CodeFile.zip 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Guayaquil 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR50F.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\wmpnssci.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\cronometer.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\logo.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0281243.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0305493.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\mset7en.kic 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\firefox.exe.sig 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\8.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-host_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\security\javafx.policy 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0199609.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00728_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Flow.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Web Server Extensions\14\BIN\FPSRVUTL.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\EET 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-settings.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\lib\locale\jfluid-server_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0200383.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\1033\VSTOInstallerUI.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\javafx-mx.jar 700a1s0ssssd7da.exe File created C:\Program Files\Java\jre7\lib\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01237_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Oasis\TAB_OFF.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Internet Explorer\D3DCompiler_47.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Aqtau 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\playlist\liveleak.luac 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libadpcm_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\Media Renderer\avtransport.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-masterfs_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\ProjectTool\Project Report Type\Fancy\MINUS.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBBA\MSPUB10.BDR 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\SLERROR.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Vancouver 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ecf.provider.filetransfer.httpclient4_1.0.800.v20140827-1444.jar 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Gadgets\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HTECH_01.MID 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\SWBELL.NET.XML 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Google\Update\Install\{790FB95E-131F-4B1A-93CD-438F382AB794}\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-favorites.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01299_.GIF 700a1s0ssssd7da.exe File created C:\Program Files\Windows NT\Accessories\en-US\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Earthy.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\VISSHE.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-sendopts.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21296_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\QuickStyles\Thatch.dotx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02756U.BMP 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\plugins\codec\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\7.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SL00308_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\msadce.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\jli.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Australia\Broken_Hill 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00273_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105360.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Indiana\Vevay 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-profiler.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\Calendar\GlobeButtonImageMask.bmp 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft SQL Server Compact Edition\v3.5\sqlceer35EN.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\sr\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libmkv_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\notification_helper.exe 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\EVRGREEN\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\COMPASS\COMPASS.INF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.core.commands.nl_ja_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\NL7Lexicons0011.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Riyadh88 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0185798.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10264_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSTORE.HXS 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\ModuleAutoDeps\org-netbeans-modules-options-api.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\core\locale\org-openide-filesystems_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\release 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Port-au-Prince 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\PROOF\1036\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\en-US\js\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\swiftshader\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OISAPP.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\WORDICON.EXE 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\plugins\packetizer\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\Network Sharing\wmpnss_color32.bmp 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-openide-awt.xml 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Analysis Services\AS OLEDB\10\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18206_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\spacebackupiconsmask.bmp 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\CourierStd-BoldOblique.otf 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\next_down.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office.en-us\BRANDING.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18220_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15061_.GIF 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Internet Explorer\SIGNUP\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Argentina\Salta 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN04206_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00798_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\TN00018_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\BOLDSTRI\BOLDSTRI.INF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\fieldswitch.ax 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_btn-over-DOT.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.jobs_3.6.0.v20140424-0053.jar 700a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\en-US\css\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Internet Explorer\pdmproxy100.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01770_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\SpringGreen\TAB_ON.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\IPDSINTL.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolIcons\OutDomain.ico 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.felix.gogo.shell_0.10.0.v201212101605.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.app_1.3.200.v20130910-1609.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\COPYRIGHT 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\requests\status.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\boxed-split.avi 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\base_kor.xml 700a1s0ssssd7da.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\VideoWall\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\Buenos_Aires 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Internet Explorer\D3DCompiler_47.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\rtf_choosefont.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\ar.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Garden.htm 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Majuro 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\SystemV\YST9 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.rcp.feature_1.2.0.v20140523-0116\META-INF\ECLIPSE_.SF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0089992.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\Presentation Designs\Maple.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ONLNTCOMLIB.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\omni.ja 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\deploy\messages_pt_BR.properties 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\security\javaws.policy 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Desert\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGBOXES.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\QuickStyles\Perspective.dotx 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Data.Entity.Design.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Smart Tag\LISTS\1033\PHONE.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN00015_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\Locales\pl.pak 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\144DPI\(144DPI)grayStateIcon.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0174315.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\nacl_irt_x86_64.nexe 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\bNext-down.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\Microsoft.Ink.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jstat.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\security\javafx.policy 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Recife 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107090.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01242_.GIF 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\SoftBlue\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGCHKBRD.XML 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\RICHED20.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\background.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Manila 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-full.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Cayman 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.browser.jdp_5.5.0.165303.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Curacao 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\vdk150.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\Marketing Projects.accdt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Sync Framework\v1.0\Runtime\x64\Synchronization.dll 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\lua\http\css\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_vc1_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\doclib.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH02298_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0172067.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14578_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Defender\MpOAV.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\0.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\rtf_increaseindent.gif 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Proof.en\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\MSInfo\en-US\msinfo32.exe.mui 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\14\BIN\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14514_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Newsprint.thmx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\diner.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\Locales\ml.pak 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\sysinfo.bat 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.swt.win32.win32.x86_64.nl_zh_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Dhaka 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AG00052_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099205.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0313965.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OUTLFLTR.DAT 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\System\ado\en-US\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\ado\en-US\msader15.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Essential.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Module.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MSRTEDIT.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\diner_h.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\SetupMetrics\20200430125146.pma 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\cronometer_h.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\mshwgst.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD00372_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGWEBBTN.DPV 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libflacsys_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\square_s.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Multimedia\MPP\Flash.mpp 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\81.0.4044.129\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Smart Tag\FPERSON.DLL 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\include\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00168_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\NotifierDownArrow.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\WPULQT98.POC 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.DirectoryServices.AccountManagement.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\Ole DB\msdaosp.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099154.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Apex.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSTORE_F_COL.HXK 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Solutions_Person.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR48B.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\WINWORD.DEV_COL.HXT 700a1s0ssssd7da.exe File created C:\Program Files\Mozilla Firefox\fonts\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\update_tracking\org-netbeans-modules-profiler-attach.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Brussels 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02208U.BMP 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Thatch.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\FAX\EquityFax.Dotx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.flightrecorder_5.5.0.165303\feature.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\CARBN_01.MID 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR50B.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\chrome_100_percent.pak 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\pl-PL\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\offset.ax 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\NavigationLeft_SelectionSubpicture.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\EST 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\PS2SWOOS.POC 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\EQUATION\1033\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Karachi 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099185.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\ENVELOPE.XML 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0086384.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_snow.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\1px.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\MMSS.ICO 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Journal\Templates\Shorthand.jtp 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\31.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_hu.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\pt-br.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\203x8subpicture.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE01661_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0215086.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\BrightYellow\TAB_ON.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MEDIA\EXPLODE.WAV 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\Gadget_Waitcursor.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-waxing-crescent_partly-cloudy.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACER3X.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\fontconfig.properties.src 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.artifact.repository_1.1.300.v20131211-1531.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSOUC_F_COL.HXK 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\EVRGREEN\PREVIEW.GIF 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\bin\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.jarprocessor_1.0.300.v20131211-1531.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR18F.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jstatd.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01586_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\Locales\mr.pak 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBBA\MSPUB7.BDR 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\NextMenuButtonIcon.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0103058.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00633_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\Shared24x24Images.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.rcp.feature_1.2.0.v20140523-0116\epl-v10.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-uihandler_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\MeetingIcon.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\rings-desk.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\activity16v.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\JOURNAL\JOURNAL.ELM 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT+3 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\BabyBlue\TAB_OFF.GIF 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\System\msadc\en-US\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Araguaina 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Photo Viewer\en-US\PhotoViewer.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CONVERT\RM.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\UIAutomationClientsideProviders.dll 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Sidebar\Shared Gadgets\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-favorites.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\meta-index 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE00272_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SY01252_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Bibliography\Sort\TITLE.XSL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libsid_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_bn.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\rssBackBlue_docked.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\mix.gif 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-swing-plaf.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00390_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.nl_zh_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\POWERPNT_K_COL.HXK 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\bg_LightSpirit.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\et\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGMN011.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Wordcnv.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Media Player\en-US\WMPMediaSharing.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\PAPYRUS\PAPYRUS.INF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PARNT_03.MID 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME42.CSS 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\bg_Groove.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Circle_VideoInset.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_gray_cloudy.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\turnOffNotificationInTray.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0174639.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01680_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR46F.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\default_apps\docs.crx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\META-INF\MANIFEST.MF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\LightSpirit.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\diner_m.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\WB02073_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR43F.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\sq\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\en-US\css\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipsdeu.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\w2k_lsa_auth.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0297727.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SY00792_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\SECRECL.ICO 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\en_GB\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\ga\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\AddInSideAdapters\Microsoft.VisualStudio.Tools.Applications.AddInAdapter.v9.0.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.emf.ecore.xmi_2.10.1.v20140901-1043.jar 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02405_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Solutions\Response.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Bibliography\Style\SIST02.XSL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\ZoomIcons.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\EquityReport.Dotx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libdemux_cdg_plugin.dll 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\PROFILE\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\META-INF\ECLIPSE_.RSA 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\ext\sunmscapi.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SL00452_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\management-agent.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\SCDRESNL.ICO 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_output\libyuv_plugin.dll 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Proofing.en-us\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\DVDMaker.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\glass.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Brussels 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\bg_FormsHomePageBlank.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\MENU.DPV 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\npvlc.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Srednekolymsk 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14691_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR38F.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Bibliography\Style\GostTitle.XSL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1033\xlsrvintl.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access_output\libaccess_output_shout_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libtospdif_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Multimedia\MPP\Real.mpp 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\prev_rest.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\setNetworkServerCP 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH01562U.BMP 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.COM.AU.XML 700a1s0ssssd7da.exe File created C:\Program Files\Windows Media Player\Skins\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\NavigationRight_ButtonGraphic.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_zh_4.4.0.v20140623020002\epl-v10.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-progress-ui.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\novelty.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\policytool.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE00050_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.CO.NZ.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Smart Tag\FDATE.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_highlights_Thumbnail.bmp 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsScenesBackground.wmv 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\NavigationLeft_SelectionSubpicture.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Oasis.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PRTF9.DLL 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\osknumpad\osknumpadbase.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VBA\VBA7\VBE7.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD21338_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\diner_s.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-autoupdate-ui.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21377_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ASCIIENG.LNG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Americana\TAB_ON.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\MP00646_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\FormsPreviewTemplate.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libadf_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\wmpnetwk.exe 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\Certificates\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\SMSS.ICO 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\GROOVEMN.EXE 700a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\js\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.metadata.repository.nl_zh_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\CAGCAT10.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD15184_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\base-undocked-3.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\AddInViews\Microsoft.VisualStudio.Tools.Applications.Runtime.v10.0.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\REC.CFG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\BrightOrange\TAB_OFF.GIF 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\lua\http\images\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Anchorage 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Montevideo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0200377.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Essential.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\PICTPH.POC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\NavigationRight_ButtonGraphic.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Rio_Branco 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD00407_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PSRCHLEX.DAT 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rcp.application.ja_5.5.0.165303.jar 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME28.CSS 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\Locales\gu.pak 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0185828.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0382954.JPG 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\it\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\12.png 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\osknumpad\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\Catamarca 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.ds_1.4.200.v20131126-2331.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-openide-explorer.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\OrangeCircles.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\buttonDown_On.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\ModuleAutoDeps\org-netbeans-modules-queries.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\NEWSHM.POC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\uz\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\en-US\setup_wm.exe.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00433_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\AddInSideAdapters\Microsoft.VisualStudio.Tools.Office.Excel.AddInAdapter.v9.0.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE01160_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00157_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\CURRENCY.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\requests\playlist.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\OFFICE10.MMW 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\BCSAutogen.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\Microsoft.Build.Conversion.v3.5.dll 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\RICEPAPR\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\Panel_Mask_PAL.wmv 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Australia\Lindeman 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WING2.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\11.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\16to9Squareframe_SelectionSubpicture.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152884.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0199755.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libsubtitle_plugin.dll 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\System\ado\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\calendars.properties 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-charts.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft.NET\Primary Interop Assemblies\adodb.dll 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Help\2052\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-keyring.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0233070.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PROOF\MSHY7FR.LEX 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\ExecutiveLetter.dotx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21337_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\mscss7wre_en.dub 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Templates\1033\Access\Part\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\sr\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\dtplugin\deployJava1.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_zh_4.4.0.v20140623020002\feature.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.rcp_4.4.0.v20141007-2301\license.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21333_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\images\buttons.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\images\dial_sml.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ql.nl_ja_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File created C:\Program Files\Java\jre7\lib\zi\Etc\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Analysis Services\AS OLEDB\10\Resources\1033\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsDoNotTrust.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Media Player\en-US\setup_wm.exe.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH01242_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0101864.BMP 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Defender\MsMpLics.dll 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\1033\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\Windows NT\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Proofing.en-us\Proofing.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOInstaller.config 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0239057.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libsdl_image_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105272.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\SLINTL.DLL 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\vi\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\plugins\audio_mixer\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libcvdsub_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BS00440_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0182898.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\BabyBlue\TAB_ON.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libchorus_flanger_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\win\CP1251.TXT 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\css\RSSFeeds.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waning-crescent_partly-cloudy.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\msadc\msdfmap.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\Salta 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-charts_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\rtf_center.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\mobile.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0187921.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\STS2\TAB_ON.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\GrayCheck\TAB_ON.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\WITHCOMP.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\XPAGE3C.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\delete_up.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\6.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\be.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107344.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0301480.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR24F.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-spi-quicksearch.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01358_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\WB00531L.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\ZY______.PFB 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBCOLOR.SCM 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Teal.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libpuzzle_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\FLTLDR.EXE 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\setNetworkClientCP 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SY01491_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Opulent.thmx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0212957.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\TASKDEC.CFG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Stationery\1033\NOTEBOOK.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\liblibbluray_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.engine_2.3.0.v20140506-1720.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\ModuleAutoDeps\org-openide-modules.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01066_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\TR00126_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Photo Viewer\en-US\PhotoViewer.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_iw.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0280468.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14515_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\LAUNCH.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Speech.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office.en-us\SETUP.CHM 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.commons.codec_1.6.0.v201305230611.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\org-openide-util-lookup.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0151063.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\NavigationLeft_ButtonGraphic.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0187819.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\sqlxmlx.dll 700a1s0ssssd7da.exe File created C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Internet Explorer\en-US\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\msadc\en-US\msaddsr.dll.mui 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\SCHDRESP.CFG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\bg_LightSpirit.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\spu\librss_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\THANKS.txt 700a1s0ssssd7da.exe File created C:\Program Files (x86)\MSBuild\Microsoft\Windows Workflow Foundation\v3.5\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-compat_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-util-enumerations_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\plugin2\msvcr100.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\CRANINST.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0195260.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\WINWORD_COL.HXC 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Templates\1033\ONENOTE\14\Stationery\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\EmptyDatabase.zip 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.expressions_3.4.600.v20140128-0851.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AG00139_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0286068.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsBrowserUpgrade.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\ARCTIC\THMBNAIL.PNG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\plugin.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\BrightOrange.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\SCHDRESN.CFG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGPQUOT.DPV 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\MedianLetter.Dotx 700a1s0ssssd7da.exe File created C:\Program Files\WindowsPowerShell\Modules\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\in_sidebar\slideshow_glass_frame.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\kk.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\javafx-iio.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\javax.annotation_1.2.0.v201401042248.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\jli.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14582_.GIF 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\ca\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\nb\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\es.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\InputPersonalization.exe.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\NavigationLeft_SelectionSubpicture.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0090781.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\bdcmetadataresource.xsd 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\NOTES.ICO 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Esl\AiodLite.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\36.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\rtf_alignleft.gif 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\plugins\access\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_notes-txt-background.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0281630.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00670_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR20F.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD21319_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CGMIMP32.HLP 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Lime\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGZIPC.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\Common.fxh 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\WindowsAccessBridge-64.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.osgi.services.nl_ja_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\winClassicTSFrame.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Colombo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSACCESS_COL.HXT 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Biscay\TAB_OFF.GIF 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\OrangeCircles.jpg 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.help_2.0.102.v20141007-2301\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-print_zh_CN.jar 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\SpeechEngines\Microsoft\TTS20\en-US\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Baghdad 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0400005.PNG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\playlist\twitch.luac 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15171_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\CALENDAR.GIF 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\it\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\bn\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\SUMIPNTG\SUMIPNTG.ELM 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\dark\e4-dark_preferencestyle.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\EN00006_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0301418.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\square_m.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Blanc-Sablon 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\bs\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipsnor.xml 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.databinding.nl_ja_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\images\cursors\win32_LinkNoDrop32x32.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT-1 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\ACWIZRC.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\AssemblyInfo.zip 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_gray_rainy.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\ExecutiveReport.dotx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libaudio_format_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\trad_dot.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00200_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15134_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\SAVE.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGMN022.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Indian\Mauritius 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0102984.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\icon.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.core.feature_1.3.0.v20140523-0116\license.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0145810.JPG 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\pl\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\plugins\video_splitter\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\cmm\sRGB.pf 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-lib-profiler_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR36B.GIF 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Google\Update\1.3.35.452\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Lima 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_few-showers.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\master_preferences 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\ReachFramework.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0278882.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_gray_cloudy.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.ServiceModel.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\UserControl.zip 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_divider.png 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office32.en-us\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.help_2.0.102.v20141007-2301\feature.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ui.sdk.scheduler_1.2.0.v20140422-1847.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\SECURE.CFG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\icon.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\AXIS\AXIS.ELM 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02400_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\OutofSyncIconImagesMask.bmp 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\requests\browse.json 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0157995.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGMN065.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Stationery\1033\PAWPRINT.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\index.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\ESEN\MSB1ESEN.ITS 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\ado\msado26.tlb 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN01184_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE00640_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libvnc_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_blue_snow.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FORM.ICO 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access_output\libaccess_output_dummy_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libgrey_yuv_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\en-US\wmpnssui.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Sakhalin 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE03453_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00610_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\QuickStyles\Fancy.dotx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\play_rest.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Data.Services.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\InkDiv.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Library\Analysis\PROCDB.XLAM 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Annotations\Stamps\ENU\SignHere.pdf 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\RMNSQUE\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR32F.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\micaut.dll 700a1s0ssssd7da.exe File created C:\Program Files\Internet Explorer\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD00297_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR35B.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\NotifierBackground.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\ZoneInfoMappings 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PPTIRM.XML 700a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Google\Temp\GUM3C25.tmp\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.core.nl_zh_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Synchronization Services\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\OrielResume.Dotx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\MSBuild\Microsoft\Windows Workflow Foundation\v3.0\Workflow.Targets 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107302.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\TASKDECS.ICO 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\SoftBlue.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGMN096.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\CAPSULES\THMBNAIL.PNG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\STRTEDGE\STRTEDGE.INF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\jfxwebkit.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-attach_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\ReadMe.htm 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Caracas 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0172193.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0198020.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02752U.BMP 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Tanspecks.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\btn-previous-static.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Colombo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-explorer.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0300912.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libdcp_plugin.dll 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\MEIPreload\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\pause_rest.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CONVERT\1033\ODBCR.SAM 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\InfoPathOM\Microsoft.Office.Infopath.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGWEBBTN.XML 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Google\Update\Download\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Kathmandu 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\EN00319_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBBA\MSPUB1B.BDR 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access_output\libaccess_output_srt_plugin.dll 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\btn-next-static.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\flower_trans_rgb.wmv 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\Gadget_WMC_LogoText.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\en-US\weather.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO01236_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MAPISHELL.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\divider-vertical.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\gu.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DissolveNoise.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\flower_trans_matte.wmv 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\management\jmxremote.password.template 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\ckb\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\Network Sharing\wmpnss_bw32.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\PublicAssemblies\Microsoft.VisualStudio.Tools.Applications.ComRPCChannel.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.update.configurator_3.3.300.v20140518-1928.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-sa.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\jfr\profile.jfc 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME40.CSS 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolIcons\ContactSelector.ico 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office.en-us\OSETUPUI.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\sunmscapi.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH01179J.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0285698.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Monaco 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01434_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\turnOnNotificationInAcrobat.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\BCSClient.Msg.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\CONTACTINFOBB.DPV 700a1s0ssssd7da.exe File created C:\Program Files\Mozilla Firefox\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\PIXEL\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.publisher_1.3.0.v20140911-0143.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-api-search.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01157_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\Locales\it.pak 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Resources\1033\msmdsrv.rll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\playlist\dailymotion.luac 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\button_MCELogo_mouseover.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\InkObj.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.zh_CN_5.5.0.165303.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\SystemV\YST9YDT 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\FLYER.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\IPEDITOR.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\dependentlibs.list 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\delete_over.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.core_5.5.0.165303.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BD09664_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD00076_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0153299.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0197979.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\intf\telnet.luac 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Defender\MpAsDesc.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\row_over.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\BOLDSTRI\THMBNAIL.PNG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\CST6 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT-6 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107490.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\js\slideShow.js 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.flightrecorder.ui.zh_CN_5.5.0.165303.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02040U.BMP 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGATNGET.DPV 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\DEEPBLUE\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\META-INF\MANIFEST.MF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\servertool.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\DataServices\DESKTOP.INI 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Gibraltar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0332268.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsViewAttachmentIconsMask.bmp 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Internet Explorer\jsdbgui.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Chita 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.jsp.jasper_1.0.400.v20130327-1442.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-api-search_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\management\snmp.acl.template 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-api-annotations-common_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0168644.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0232395.WMF 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\ko-KR\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\ga.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\LAYERS\THMBNAIL.PNG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\ktab.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libblendbench_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_ca.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\calendar.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\greenStateIcon.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Internet Explorer\perf_nt.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-keyring-impl.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Apia 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GROOVE.HXS 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MSAEXP30.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Roses.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-swing-outline.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-uisupport.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02412K.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Chicago 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Pitchbook.potx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_blue_sun.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSO.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\ECLIPSE\PREVIEW.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.historicaldata.zh_CN_5.5.0.165303.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01840_.GIF 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\Adobe\Updater6\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Ho_Chi_Minh 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\plugin.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Sync Framework\v1.0\Runtime\x64\FeedSync.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\LEVEL\LEVEL.INF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsViewFrame.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libmagnify_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\VSTA\Bin\1033\VSTAClientPkgUI.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\SaveMount.au3 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\pdf.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD00297_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0287020.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\VIEW.CSS 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\UIAutomationClientsideProviders.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Hermosillo 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\web\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\Ole DB\msdasql.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\UnreadIconImagesMask.bmp 700a1s0ssssd7da.exe File created C:\Program Files\MSBuild\Microsoft\Windows Workflow Foundation\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows NT\TableTextService\TableTextServiceSimplifiedQuanPin.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Indiana\Petersburg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Adak 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BS01080_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\hu\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File created C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\RedistList\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Stationery\1033\PAWPRINT.HTM 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Sydney 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0185604.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0293236.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSPUB.DEV_COL.HXC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0156537.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_gray_thunderstorm.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00985_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PROTTPLN.PPT 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\km\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\14.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSPTLS.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00098_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\BORDERBB.DPV 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Internet Explorer\IEShims.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Puerto_Rico 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\16-on-black.gif 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Apothecary.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\bg_FormsHomePage.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\qipcap64.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_output\libdirectdraw_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyMainToScenesBackground_PAL.wmv 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Puerto_Rico 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0239953.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01744_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_close_down_BIDI.png 700a1s0ssssd7da.exe File created C:\Program Files\Reference Assemblies\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Thunder_Bay 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0294989.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Solutions\Document.gif 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\dropins\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Berlin 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\NOTEL.ICO 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libavcodec_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\FormsFormTemplateRTL.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\ado\adovbs.inc 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\DisabledGoogleUpdate.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.director.app_1.0.300.v20140228-1829.jar 700a1s0ssssd7da.exe File created C:\Program Files\Java\jre7\bin\plugin2\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\OIS_F_COL.HXK 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\SETLANG.HXS 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_corner_top_right.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\8.0\VSTARemotingServer.tlb 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\FormsBrowserUpgrade.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\maintenanceservice.exe 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\en_GB\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\tl\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows NT\TableTextService\TableTextServiceAmharic.txt 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\ado\msadomd28.tlb 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\msadc\msadcfr.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00671_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\bg_GreenTea.gif 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\ks_IN\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libsatip_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\2052\hxdsui.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\readme.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\about.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0211949.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PPTIRMV.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18182_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libimage_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\IDTemplates\ENU\DefaultID.pdf 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Hand Prints.htm 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_pl.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Premium.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\rtf_alignleft.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\WORDREP.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\NotifierCloseButton.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\ado\msado15.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\NavigationRight_SelectionSubpicture.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\JavaAccessBridge-64.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME38.CSS 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL082.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe AIR\sentinel 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\BHOINTL.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\trad_h.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\RIPPLE\RIPPLE.INF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\play-background.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\CUP.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00057_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\License.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\EquityResume.Dotx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_left_pressed.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR39F.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\MMSL.ICO 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\LABELHM.POC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\RESP98.POC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_frame-border.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.director.app.nl_ja_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-templates_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0200189.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\en-US\rtscom.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0382938.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\DataType\Phone.accft 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\hy\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Updater.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_performance_Thumbnail.bmp 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Indian\Kerguelen 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\META-INF\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Indiana\Knox 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\skchui.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGREPFRM.XML 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\plugins\stream_filter\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\journal.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00177_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\STUBBY2.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CONVERT\OLADD.FAE 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\RESEND.CFG 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\ado\adojavas.inc 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\SLATE\SLATE.ELM 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Hong_Kong 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GRAPH_F_COL.HXK 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\WidevineCdm\_platform_specific\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\winXPHandle.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0384895.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\Locales\sl.pak 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02443_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSPUB.DEV.HXS 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\STS2\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OUTLPH.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\bear_formatted_rgb6.wmv 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyrun.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-ui_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Guyana 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libgain_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\rtf_bullets.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGPICCAP.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libsubsdec_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\InkWatson.exe.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\203x8subpicture.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_cs.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\INFOML.ICO 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE04050_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Flow.thmx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\BRCH98SP.POC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\en-US\css\currency.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107482.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Maroon.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\gui\libskins2_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\en-US\enu-dsk\M1033DSK.UDT 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Mail\en-US\msoeres.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\ECLIPSE\THMBNAIL.PNG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107262.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\REPLTMPL.CFG 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.DynamicData.Design.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Barbados 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0285820.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PRRT.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD14883_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02058U.BMP 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\EssentialReport.dotx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\oc\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\wmpnscfg.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Filters\offfiltx.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\rmiregistry.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\update_tracking\org-netbeans-modules-profiler-selector-api.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE03731_.WMF 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\CMap\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD00255_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0144773.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\WEBHED98.POC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1033\OARPMANR.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\pagecurl.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.core.nl_ja_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\THIRDPARTYLICENSEREADME.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libhqdn3d_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Internet Explorer\iexplore.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\fonts\LucidaBrightRegular.ttf 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\net.properties 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107024.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\POSTL.ICO 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\BrightOrange\background.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME35.CSS 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\nl.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\Tucuman 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.artifact.repository.nl_zh_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\WB00703L.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\ExpenseReport.xltx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\logo.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\blackbars80.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00923_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PARNT_09.MID 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Library\Analysis\ATPVBAEN.XLAM 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\css\mobile.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Defender\en-US\MpAsDesc.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\reveal_hov.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\msadc\msdaprst.dll 700a1s0ssssd7da.exe File created C:\Program Files\Java\jre7\lib\zi\Indian\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BD00160_.WMF 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\ckb\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15060_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD14594_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\RESUME.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.ja_5.5.0.165303.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-profiling_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE03241_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0285926.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.win32.win32.x86_64_1.1.200.v20141007-2033\about.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Defender\MpAsDesc.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_cloudy.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-core-execution.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\BCSEvents.man 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libshm_plugin.dll 700a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\120DPI\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\nb.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\NextMenuButtonIconSubpictur.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Iqaluit 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\contbig.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_thunderstorm.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\BG_ADOBE.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\bg_TexturedBlue.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGMN092.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\msmgdsrv.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\AFTRNOON\AFTRNOON.ELM 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\NextMenuButtonIcon.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-profiling.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD10290_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\in_sidebar\slideshow_glass_frame.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-options-keymap.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-uisupport.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\attention.gif 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\ps\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR48F.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-bg_glass_100_f6f6f6_1x400.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked-loading.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.di.nl_zh_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PSSKETSM.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD21321_.GIF 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Bibliography\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\Java\jre7\lib\security\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0145212.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Verve.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\ccme_base.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\BrightOrange\tab_on.gif 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\ca\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\en-US\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\NavigationLeft_SelectionSubpicture.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-13 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BS00443_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099171.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libtcp_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD01084_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0149018.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD21330_.GIF 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\ta\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HM00114_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\Skins\Revert.wmz 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\slideShow.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Regina 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-progress-ui_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Africa\Maputo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN00853_.WMF 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\web\webbase.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\BrightOrange\TAB_OFF.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\be\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\lg\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\MessageBoxIconImagesMask.bmp 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-api-annotations-common.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\config\Modules\org-netbeans-modules-profiler-utilities.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE01191_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02265_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\flyout_background.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\picturePuzzle.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_foggy.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_blue_snow.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14580_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14692_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21399_.GIF 700a1s0ssssd7da.exe File created C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\RedistList\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Help\ITIRCL55.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02748G.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Clarity.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR21F.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_corner_bottom_left.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Graph.exe.manifest 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\XML Files\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\bg_SlateBlue.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.IE.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\pt-PT\tipresx.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\EN00397_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01742_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\js\slideShow.js 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SAFRI_01.MID 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Galapagos 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\WB00760L.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libugly_resampler_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\MinionPro-BoldIt.otf 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\wsimport.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\flyout.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Oasis\HEADER.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libuleaddvaudio_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\MCESidebarCtrl.dll 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\QUAD\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx.ui.zh_CN_5.5.0.165303.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Indian\Maldives 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH00681_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\es\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\tipresx.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\startNetworkServer 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\bg_SlateBlue.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\CALNDR98.POC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\AUTHORS.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\144DPI\(144DPI)greenStateIcon.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\BLUEPRNT\BLUEPRNT.ELM 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.ecore_2.10.1.v20140901-1043\META-INF\ECLIPSE_.SF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0283209.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\PresentationFramework.Royale.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR6F.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libschroedinger_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\AcroForm.api 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\AppConfigurationInternal.zip 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\IpsPlugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.addons.swt_1.1.1.v20140903-0821.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.metadata.nl_zh_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Metro.eftx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Hardcover.thmx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Median.thmx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\InfoPathOM\InfoPathOMFormServices\InfoPathOMFormServicesV12\Microsoft.Office.InfoPath.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\WindowsFormsIntegration.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ecf.provider.filetransfer_3.2.200.v20140827-1444.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-spi-quicksearch_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\org-netbeans-modules-profiler_visualvm.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00208_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.views.nl_ja_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-jvm_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\en-US\settings.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\RSSITEMS.ICO 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\WSSFilesToolIconImagesMask.bmp 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\rtf_underline.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\zu\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\NETWORK\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Curacao 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Solutions_Generic.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME22.CSS 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\images\back.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Atlantic\Stanley 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.docs.ja_5.5.0.165303.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-options-api.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01139_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\ado\adojavas.inc 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Merida 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PSRCHSRN.DAT 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\STS2\TAB_OFF.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\120DPI\(120DPI)redStateIcon.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\soniccolorconverter.ax 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00938_.WMF 700a1s0ssssd7da.exe File created C:\Program Files\Mozilla Firefox\browser\VisualElements\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\et\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\modules\common.luac 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\win\CP1250.TXT 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-first-quarter_partly-cloudy.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACECORE.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SY00127_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Elemental.eftx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ckb\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.FR.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_gather_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_corner_bottom_right.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Monet.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\AXIS\THMBNAIL.PNG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\WATERMAR\PREVIEW.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\lib\deployed\jdk15\windows-amd64\profilerinterface.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE03513_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BlackRectangle.bmp 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ui.nl_ja_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-templates.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0153047.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Stationery\1033\DADSHIRT.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\22.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACEES.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14579_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\QuickStyles\Elegant.dotx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL048.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\colorcycle.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\org-netbeans-modules-profiler-oql.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-uisupport_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\images\cursors\win32_CopyDrop32x32.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT-14 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\System\msadc\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\ARCTIC\ARCTIC.INF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\include\win32\bridge\AccessBridgePackages.h 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\macTSFrame.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0285360.WMF 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\STARTUP\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ast\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\cs-CZ\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\To_Do_List.emf 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02886_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\MyriadPro-Regular.otf 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\Ole DB\xmlrw.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.help.webapp.nl_zh_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14867_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Journal\PDIALOG.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\REPTWIZ.POC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\Network Sharing\wmpnss_bw120.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Photo Viewer\ImagingDevices.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\pause_hov.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-sampler.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Ho_Chi_Minh 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\Sounds\Things\SHOVEL.WAV 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\ENVELOPE.DPV 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Swirl\HEADER.GIF 700a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\css\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AMT\AUMProduct.aup 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Guam 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0103850.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\bg_FormsHomePageSlice.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Internet Explorer\perfcore.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Tunis 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0341439.JPG 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\META-INF\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\SELFCERT.EXE 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\MedianMergeFax.Dotx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Discussion.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\SoftBlue\TAB_ON.GIF 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\VBA\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Atlantic\South_Georgia 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx.zh_CN_5.5.0.165303.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-host-remote.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\keytool.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-application-views.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107450.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Solstice.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\Part\Users.accdt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\hu.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\FREN\WT61FR.LEX 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\vintage.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.css.swt.nl_zh_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\MedianReport.Dotx 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Adobe\symbol.txt 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\images\cursors\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-coredump_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107350.WMF 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\ug\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0200289.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0341344.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\ENU\VDK10.STP 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\120DPI\(120DPI)redStateIcon.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\CheckpointConvert.vdx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-4 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\META-INF\ECLIPSE_.SF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\SystemV\EST5EDT 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR39F.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\bg_FormsHomePage.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\diner_settings.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\chrome.dll.sig 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\WATERMAR\WATERMAR.INF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\NavigationUp_SelectionSubpicture.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\passport_mask_left.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\config\Modules\org-netbeans-modules-profiler-attach.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AXSLE.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\feature.properties 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107750.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\bg_Groove.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\BlackTieNewsletter.dotx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14982_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\OrielLetter.Dotx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Journal\Journal.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\services_discovery\libupnp_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_transcode_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\css\calendar.css 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Reference Assemblies\Microsoft\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.core_5.5.0.165303\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\WET 700a1s0ssssd7da.exe File created C:\Program Files\Java\jre7\lib\images\cursors\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD21320_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Moscow 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14752_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\38.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-waxing-gibbous.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_box_left.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\artifacts.xml 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\bn_IN\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\libvlccore.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\modern_h.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-heapdump.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Qatar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099179.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\QRYINT32.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\br.txt 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\Stationery\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\title.htm 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\ModuleAutoDeps\org-openide-execution.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\email_initiator.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Media Player\wmpnssci.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Installed_resources14.xss 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL103.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\api-ms-win-crt-environment-l1-1-0.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libspatialaudio_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\MessageHistoryIconImages.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\144DPI\(144DPI)greenStateIcon.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Media Player\Skins\Revert.wmz 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\plugin.properties 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.touchpoint.eclipse.nl_zh_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00416_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Grid.eftx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0239079.WMF 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\AcroForm\PMP\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\System\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Johannesburg 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\META-INF\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105502.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\ProjectTool\Project Report Type\Fancy\SPACER.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\VIEW.ICO 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Templates\1033\ONENOTE\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\crashreporter.ini 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_divider_right.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\ECHO\ECHO.ELM 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0195788.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0300520.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD21311_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_divider_left.png 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\RedistList\FrameworkList.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.operations_2.4.0.v20131119-0908.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-coredump.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152570.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Hardcover.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\play_down.png 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\icons\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN01039_.WMF 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\AccessWeb\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\WEBPAGE.DPV 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Journal\en-US\JNTFiltr.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_divider.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Africa\El_Aaiun 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0241043.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18239_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSOUC.HXS 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Internet Explorer\en-US\F12Tools.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.director.app.nl_zh_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18203_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGNAVBAR.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\text_renderer\libfreetype_plugin.dll 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\System\Ole DB\en-US\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\Locales\zh-TW.pak 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Amsterdam 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099200.GIF 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Lime\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBBA\MSPUB3B.BDR 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02754U.BMP 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01745_.GIF 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Mail\oeimport.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BD19827_.WMF 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\nl\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\ro\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\37.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\Contracts\Microsoft.VisualStudio.Tools.Applications.Contract.v10.0.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0090027.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0284916.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\mspub.exe.manifest 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_chromaprint_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107254.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0229385.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR4F.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\meta_engine\libtaglib_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_it.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Fortaleza 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.concurrent_1.1.0.v20130327-1442.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099196.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\en-US\gadget.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\42.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\verify.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18244_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\grid_(inch).wmf 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\security\US_export_policy.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.COM.BR.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\en-US\js\localizedStrings.js 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02413_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\OUTLOOK_F_COL.HXK 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsTemplates\POLICIES.FDT 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Stationery\1033\DADSHIRT.HTM 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\1047x576black.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Jakarta 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Guayaquil 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02441_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\mobile_browse.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\setting_back.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\BrightOrange\TAB_ON.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\playlist\newgrounds.luac 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Thawte Root Certificate.cer 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_lv.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AG00090_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\EXPLR_01.MID 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099202.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00444_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.databinding.property.nl_ja_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.osgi_3.10.1.v20140909-1633.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0239611.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\PersonalMonthlyBudget.xltx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\SONORA\THMBNAIL.PNG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_btn-back-over-select.png 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\startNetworkServer.bat 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\mr\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Journal\MSPVWCTL.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\drag.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\cmm\GRAY.pf 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01366_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0158477.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0212953.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\OUTLLIBR.REST.IDX_DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR8F.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ms\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\text_renderer\libsapi_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0297725.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21342_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\DataServices\+Connect to New Data Source.odc 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MOR6INT.REST.IDX_DLL 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\trad_settings.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL105.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\CGMIMP32.FNT 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-swing-tabcontrol.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE00052_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14980_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\plugin2\npjp2.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\WCOMP98.POC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_display_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\bPrev-disable.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Seyes.emf 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.e4.rcp_1.3.100.v20141007-2033\META-INF\MANIFEST.MF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Gambier 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\lua\playlist\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\selection_subpicture.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0382942.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\QuickStyles\Distinctive.dotx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\api-ms-win-core-synch-l1-2-0.dll 700a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\DAO\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\WidevineCdm\LICENSE 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\EXPEDITN\THMBNAIL.PNG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\gstreamer-lite.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\North_Dakota\Center 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0151061.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\VSTA\Bin\VSTAProject.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\33.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00808_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00683_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\ACTIVITY.CFG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsPreviewTemplate.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\NavigationUp_ButtonGraphic.png 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\config\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FINCL_02.MID 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0239943.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL097.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\libvlc.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Media Player\en-US\wmpnssui.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\square_dot.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\liblpcm_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.batik.css_1.7.0.v201011041433.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152704.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0199483.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\WINWORD.DEV_K_COL.HXK 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\Extensions\external_extensions.json 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\en-US\css\localizedSettings.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\images\cursors\win32_CopyDrop32x32.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\config\Modules\org-netbeans-modules-profiler-selector-api.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152414.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\ContemporaryPhotoAlbum.potx 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Access.en-us\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\NavigationLeft_ButtonGraphic.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jface.nl_ja_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\AppConfigInternal.zip 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.osgi.compatibility.state_1.0.1.v20140709-1414.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\update_tracking\org-netbeans-lib-profiler.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0228959.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Stationery\1033\SEAMARBL.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\MSBuild\Microsoft\Windows Workflow Foundation\v3.5\Workflow.Targets 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Eirunepe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Dublin 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0212685.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Metro.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.flightrecorder.controlpanel.ui.configuration_5.5.0.165303.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\bg_GreenTea.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\OriginMergeLetter.Dotx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\mux\libmux_ogg_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libaccess_mms_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\MEIPreload\preloaded_data.pb 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_box_top.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\45.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-jmx_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Managua 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME23.CSS 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\AUDIOSEARCHSAPIFE.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14583_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Installed_schemas14.xss 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Setup.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VC\msdia90.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0287642.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE02296_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-full_partly-cloudy.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_close_up.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\include\win32\jawt_md.h 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Santarem 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0090386.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_mlp_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.publisher.eclipse.nl_ja_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Resolute 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE00531_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\en-US\js\library.js 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\cmm\sRGB.pf 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH00612_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0101867.BMP 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\28.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Dawson_Creek 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\Sounds\People\HICCUP.WAV 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\combo-hover-middle.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Makassar 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\Locales\zh-CN.pak 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\ach\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\playlist\vocaroo.luac 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.Abstractions.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\ext\jhall-2.0_05.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Indian\Mauritius 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00834_.WMF 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsTemplates\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolIcons\gfserrortogroove.ico 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\msaccess.exe.manifest 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\31.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-uihandler.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Kiritimati 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\ViewHeaderPreview.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\AddToViewArrowMask.bmp 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Maceio 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0186348.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveDocumentReview\MarkupIconImages.jpg 700a1s0ssssd7da.exe File created C:\Program Files\Uninstall Information\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\2.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\msdaprst.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Bangkok 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\security\java.security 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Swirl\TAB_ON.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Defender\MpSvc.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\AdjacencyLetter.dotx 700a1s0ssssd7da.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Atlantic\Reykjavik 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-core-ui.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\COMBOBOX.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL026.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\CERT.DPV 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows NT\TableTextService\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\rt.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0400004.PNG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PSSKETLG.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME03.CSS 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02071U.BMP 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_windy.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VSTO\vstoee.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\Panel_Mask.wmv 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\java-rmi.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\accessibility.properties 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL102.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\Media Renderer\connectionmanager_dmr.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\npt.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.help.webapp.nl_ja_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\jdwp.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD02088_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\sbdrop.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT-12 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Executive.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsFormTemplate.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\1.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Smart Tag\MSTAG.TLB 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0230876.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libscte27_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\18.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE01797_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsViewAttachmentIcons.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libflac_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\mset7db.kic 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\bPrev.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.swt.nl_ja_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO01566_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsBrowserUpgrade.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\rtf_justify.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\intf\modules\httprequests.luac 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\librtp_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\button_left_mouseover.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Photo Viewer\en-US\PhotoAcq.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\BLENDS\THMBNAIL.PNG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\specialmainsubpicture.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.net.win32.x86_64.nl_zh_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OneNote\SendToOneNoteNames.gpd 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME01.CSS 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\Documentation.url 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\TipBand.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Heart_SelectionSubpicture.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher_1.3.0.v20140415-2008.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Belgrade 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\POSTCD98.POC 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\lt\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\trad.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.ServiceModel.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\hwrusash.dat 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_frame-highlight.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02074U.BMP 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR28F.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\org-openide-execution.xml_hidden 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\dtplugin\npdeployJava1.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Novokuznetsk 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Riga 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Havana 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.flightrecorder_5.5.0.165303\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-core.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libaccess_srt_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSACCESS_COL.HXC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Swirl\TAB_ON.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\xmlrw.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MUAUTH.CAB 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.renderers.swt_0.12.1.v20140903-1023.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Australia\Hobart 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0222017.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSTORE_K_COL.HXK 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MSPST32.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OLKIRMV.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libxa_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Almaty 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Australia\Sydney 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0297269.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Equity.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT+9 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02384_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\EXCEL.DEV_K_COL.HXK 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\Computers\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Defender\en-US\MpEvMsg.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\THIRDPARTYLICENSEREADME.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE06450_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\OUTLOOK.DEV.HXS 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR44B.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00483_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Americana\TAB_OFF.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Microsoft.Office.InfoPath.FormControl.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\Part\Media.accdt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT+5 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\epl-v10.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099152.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0198113.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\Part\Tabs.accdt 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\zu\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\bg-desk.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\17.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\search_background.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0103402.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107280.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME47.CSS 700a1s0ssssd7da.exe File created C:\Program Files\7-Zip\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VBA\VBA7\1033\VBCN6.CHM 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rcp.intro.zh_CN_5.5.0.165303.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\zip.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\CERT.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_double_bkg.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\uz.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\Bear_Formatted_RGB6_PAL.wmv 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-options-api.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL106.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Amsterdam 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\TN00095_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.jasper.glassfish_2.2.2.v201205150955.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-jvmstat_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-waning-gibbous_partly-cloudy.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\LogTransport2.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\ENU\acro20.lng 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Google\Update\Install\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\16_9-frame-background.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\core\locale\core_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN04117_.WMF 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\lua\intf\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Desert\TAB_OFF.GIF 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\Packages\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Reference Assemblies\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\TipRes.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00296_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BS00135_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0103262.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libgme_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_left_rest.png 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\numbers\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\fy.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.ibm.icu_52.1.0.v201404241930.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\CATALOG.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\VCTRN_01.MID 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0183168.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\redStateIcon.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\jaas_nt.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.browser.jdp.zh_CN_5.5.0.165303.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-profiler_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\server\Xusage.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\security\blacklist 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0106816.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CONVERT\OL.SAM 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\TWCUTCHR.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_box_right.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\PublicAssemblies\System.AddIn.dll 700a1s0ssssd7da.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\jdwp.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15172_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21503_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\shuffle_down.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\diner.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_es.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\management.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02746U.BMP 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_output\libdirect3d9_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\el\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File created C:\Program Files\Windows Defender\en-US\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_output\libflaschen_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.diagnostic_5.5.0.165303.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jetty.servlet_8.1.14.v20131031.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\InfoPathOM\InfoPathOMV12\Microsoft.Office.InfoPath.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Wordcnvpxy.cnv 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\browser\blocklist.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\diner_dot.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\1047x576black.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0196164.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\TASKREQS.ICO 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\bg_Premium.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\DataViewIconImages.jpg 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\ga\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libdav1d_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MEDIA\VOLTAGE.WAV 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\SENDTO.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\services_discovery\libmediadirs_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\base-undocked-4.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipsfin.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-loaders.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-sampler.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\OOFTMPL.CFG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ACCICONS.EXE 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyScenesBackground_PAL.wmv 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\circleround_videoinset.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\leftnav.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Denver 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\deploy\splash.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\IPM.CFG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsTemplates\Status Report.fdt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\msadds.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\navSubpicture.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Enderbury 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105710.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0282126.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Black Tie.thmx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0222021.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.COM.MY.XML 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\fy\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\web.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\rtscom.dll 700a1s0ssssd7da.exe File created C:\Program Files\Java\jre7\lib\jfr\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\core\locale\core_visualvm.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_setid_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_divider_left.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\submission_history.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\ENV11.POC 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\AdobePiStd.otf 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\14\BIN\FPWEC.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Aqtobe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SHOW_01.MID 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ACCWIZ.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_double.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\NavigationUp_ButtonGraphic.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsMainToNotesBackground.wmv 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD00306_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGMN002.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\CERTINTL.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\CMap\Identity-V 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Peacock.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Atikokan 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO01561_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\TN00217_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\split.avi 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\epl-v10.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE03470_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\EQUATION\EQNEDT32.EXE 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Dawson 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ACCWIZ\ACWZLIB.ACCDE 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\StaticText.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AdobeUpdater.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Javascripts\JSByteCodeWin.bin 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\EURO\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACEWSS.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\CONCRETE\THMBNAIL.PNG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\NavigationUp_SelectionSubpicture.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\Computers\computericonMask.bmp 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGMN081.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CONVERT\1033\OLADDR.FAE 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\DataListIconImagesMask.bmp 700a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\in_sidebar\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\Contracts\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.frameworkadmin.equinox_1.0.500.v20131211-1531.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\EXCEL_COL.HXT 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\GrayCheck.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ACCDDSF.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ff\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Windows.Presentation.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Indian\Reunion 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\update_tracking\org-netbeans-modules-profiler-selector-ui.xml 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\Certificates\Verisign\Components\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\DigitalInk.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\Locales\cs.pak 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\VisualElements\SmallLogoBeta.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_rainy.png 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\ext\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\Java\jre7\lib\zi\Antarctica\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0145272.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR42F.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PARNT_07.MID 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\New_Skins.url 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\dialogs\equalizer_window.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\DirectDB.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleUpdateBroker.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\Ole DB\sqloledb.rll 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Analysis Services\AS OLEDB\10\Cartridges\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21314_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\UrbanReport.Dotx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Guatemala 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-core-io-ui.xml 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\Adobe\Help\en_US\Adobe Reader\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\mux\libmux_mp4_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-output2_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0240189.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\IPEDINTL.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\GIFT.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.docs.zh_CN_5.5.0.165303.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-queries_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\fonts\LucidaTypewriterBold.ttf 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\DataServices\+NewSQLServerConnection.odc 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\IRIS\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Push\NavigationUp_SelectionSubpicture.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\pack200.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Atlantic\Cape_Verde 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\flower_h.png 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Esl\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\RESENDL.ICO 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\Sounds\Things\CAN.WAV 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\misc\libaddonsfsstorage_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\README.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\POWERPNT.DEV_F_COL.HXK 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\CommsOutgoingImage.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGMN026.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGMN095.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\14\BIN\FPSRVUTL.DLL 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Kentucky\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-javahelp.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\ext\access-bridge-64.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\msadc\handsafe.reg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\WebToolImagesMask16x16.bmp 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBBA\MSPUB4.BDR 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_hevc_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\rightnav.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx.ext_5.5.0.165303.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Swirl.css 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\zh_CN\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\tiptsf.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_ta.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15169_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL001.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\SSGEN.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\DataType\Payment Type.accft 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\SMIMEE.CFG 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\usa.fca 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\jawt.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0386120.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Technic.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\include\win32\jni_md.h 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\af\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\co\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21329_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\SectionHeading.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Swirl.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\XML Files\Messenger.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Abidjan 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui_3.106.0.v20140812-1751.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-sendopts_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BD19695_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\WEBLINK.POC 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\oledbvbs.inc 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\Locales\hr.pak 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02262_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Swirl\HEADER.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows NT\Accessories\en-US\wordpad.exe.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTO\vstoee100.tlb 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1033\ACEODBCI.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Singapore 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Rome 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0178523.JPG 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft SQL Server Compact Edition\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\settings.ini 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\Ole DB\msxactps.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\icons\time-span-16.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02435_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\INFOPATHEDITOR_F_COL.HXK 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\msadco.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\HST10 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00130_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\NAVBRPH1.POC 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\cy\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\mk\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Photo Viewer\en-US\ImagingDevices.exe.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\en-US\gadget.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Internet Explorer\networkinspection.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\icons\new-trigger-wiz.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-application-views.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02055_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\eula.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Ndjamena 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolIcons\CHEVRON.ICO 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\ta\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.core.feature_1.3.0.v20140523-0116\META-INF\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01168_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE02263_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\search_background.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\FormsPrintTemplateRTL.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\gadget.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.rcp_4.4.0.v20141007-2301\epl-v10.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01239_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD14997_.GIF 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\ACCWIZ\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Lime\TAB_OFF.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\Locales\ko.pak 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\WidevineCdm\_platform_specific\win_x64\widevinecdm.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1033\MSSOAPR3.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-options-api_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01585_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00373_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\item_hover_flyout.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\corner.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\ENES\MSB1ENES.ITS 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Scenes_INTRO_BG_PAL.wmv 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18248_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\plugins.dat 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SL00286_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CONVERT\1033\OLTASKR.FAE 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\BANNER.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGLOGO.DPV 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\setNetworkClientCP.bat 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.help_2.0.102.v20141007-2301\epl-v10.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01631_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099189.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\TEAROFF.POC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\trad_h.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\MSMAPI\1033\MSMAPI32.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\heart_glass_Thumbnail.bmp 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-sampler_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\mozglue.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0291794.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\rtf_pressed.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Synchronization Services\ADO.NET\v1.0\Microsoft.Synchronization.Data.SqlServerCe.dll 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\es\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Brisbane 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-options.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Omsk 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD00705_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_el.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_snow.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0214098.WAV 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD21326_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\oisctrl.dll 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\lua\meta\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VBA\VBA7\1033\FM20.CHM 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4_default_gtk.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0153305.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02261_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\VSTA\Bin\1033\VSTAProjectUI.dll 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\css\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105390.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\SketchPadTestSchema.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\api-ms-win-crt-convert-l1-1-0.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libinvert_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Proof.fr\Proof.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.common_3.6.200.v20130402-1505.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-queries.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\INDST_01.MID 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_output\libdrawable_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\FormsImageTemplate.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\delete_up.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\review_email.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\month.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.rcp.feature_1.2.0.v20140523-0116\license.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-util-enumerations_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Baghdad 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Biscay\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_box_top.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\J0115840.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\BORDERS\MSART2.BDR 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_nl.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\en-US\css\settings.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\logo.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Lisbon 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH01291_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_dummy_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\daisies.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\BrightYellow\TAB_OFF.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\OPHPROXY.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\ext\locale\updater_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-settings_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Solutions_Doc.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\rtf_bullets.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.core.di.extensions_0.12.0.v20140417-2033.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\IN00915_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01470_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14832_.GIF 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\FREN\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN04332_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Solstice.eftx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_corner_top_right.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0200163.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolIcons\GWE.ICO 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGDOTS.DPV 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\en-US\WMPMediaSharing.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Temp\GUM3C25.tmp\GoogleUpdateSetup.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0153398.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0153514.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\DISTLSTS.ICO 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\LAUNCH.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\ICE\ICE.ELM 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\North_Dakota\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Analysis Services\AS OLEDB\10\Cartridges\sql2000.xsl 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\Locales\he.pak 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\en-US\settings.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\logo.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\7-zip.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Internet Explorer\Timeline_is.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.core\cache\binary\org.eclipse.rcp_root_4.4.0.v20141007-2301 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\DELETE.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\airappinstaller.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\msadcor.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Slipstream.eftx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ENGIDX.DAT 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OUTLCTL.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\BillingStatement.xltx 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe\Updater6\AdobeUpdater.cer 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\Locales\lt.pak 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\Ole DB\sqloledb.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02453_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18236_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\IEContentService.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD14996_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR44B.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\IEAWSDC.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Access.en-us\AccessMUISet.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-core-output2.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\deploy\messages_zh_HK.properties 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD14516_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Shanghai 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Journal\en-US\NBMapTIP.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\item_hover_floating.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\STSCOPY.DLL 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\ru-RU\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\cs.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipsen.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\oracle.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CONVERT\OLMAIL.FAE 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\SCHDCNCL.CFG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libcompressor_plugin.dll 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\skins\fonts\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\jfr\default.jfc 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Kentucky\Monticello 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\winXPTSFrame.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0386267.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libmotionblur_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\grayStateIcon.png 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\WidevineCdm\_platform_specific\win_x64\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages_es.properties 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Desert.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\CALENDAR.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\ProjectToolsetIconImagesMask.bmp 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\NavigationLeft_ButtonGraphic.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Phoenix 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107258.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\buttonUp_On.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\SpringGreen\TAB_OFF.GIF 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AMT\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Internet Explorer\en-US\ieinstal.exe.mui 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\sr\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\Locales\nl.pak 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Internet Explorer\en-US\jsprofilerui.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\deploy\messages_sv.properties 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0341475.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\EquityMergeFax.Dotx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21331_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Americana\TAB_ON.GIF 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\he\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-bg_highlight-soft_100_eeeeee_1x100.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.browser.ja_5.5.0.165303.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\glass.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Kentucky\Monticello 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00735_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\modern_s.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\combo-hover-left.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\LoginForm.zip 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\en-US\js\init.js 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\InkObj.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR18F.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Roses.htm 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\msadc\msadcf.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD02115_.WMF 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\Services\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\glib-lite.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Toronto 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PROOF\MSSP7ES.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-actions_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-jmx.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\TN00246_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\EMABLT32.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\msdasqlr.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\Alphabet.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Tegucigalpa 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02439_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GROOVE_K_COL.HXK 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\NavigationUp_SelectionSubpicture.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21518_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_ms.dll 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Services\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SY00788_.WMF 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Pipeline.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\1047x576black.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\WB02116_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-core-kit.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01181_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02053J.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18224_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Sofia 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\AST4ADT 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.engine.nl_ja_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-keyring-fallback.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MSOHTMED.EXE 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Journal\Templates\Music.jtp 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\org-netbeans-modules-templates.xml_hidden 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\BTOPENWORLD.COM.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL054.XML 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\fi\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.simpleconfigurator.nl_zh_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-openide-nodes.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Uzhgorod 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00454_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD00419_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\TWRECS.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\en-US\js\library.js 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Waveform.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Indiana\Marengo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Yekaterinburg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Indian\Cocos 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\TN01164_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\FormsViewAttachmentIconsMask.bmp 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Javascripts\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\AcroForm\PMP\QRCode.pmp 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\content-foreground.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Glace_Bay 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0301432.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02740U.BMP 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\WEBCALSO.POC 700a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\en-US\css\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\1046\hxdsui.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\shuffle_up.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BD06200_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD02158_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE00542_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14984_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\SPRING\PREVIEW.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\ED00184_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\Faculty.accdt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\visualization\libglspectrum_plugin.dll 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\nn.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\whitevignette1047.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Internet Explorer\msdbg2.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BS00136_.WMF 700a1s0ssssd7da.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.databinding.beans.nl_ja_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105846.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_corner_top_left.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\NotifierDisableUpArrow.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\settings.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\BLUEPRNT\THMBNAIL.PNG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Civic.thmx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21316_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR6B.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Austin.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSAIN.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\activity16v.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXEV.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\psfontj2d.properties 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0153313.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0185786.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\BRCHUR98.POC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\INVITE11.POC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\SOCIALCONNECTOR.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Genko_1.emf 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\NavigationLeft_SelectionSubpicture.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT-13 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18218_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00390_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Americana.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\SECURL.ICO 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\GRAPH.ICO 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.simpleconfigurator.manipulator.nl_zh_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107744.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\MP00021_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02742G.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0101863.BMP 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\GrayCheck\TAB_OFF.GIF 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\plugins\keystore\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\nav_rightarrow.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\San_Juan 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-openide-options.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099182.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\4to3Squareframe_Buttongraphic.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.jarprocessor.nl_ja_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\lt\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\sl-SI\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\DEEPBLUE\PREVIEW.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD02153_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PROOF\MSGR3EN.LEX 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00555_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\activity16v.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE00998_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\VIEW.JS 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\images\dialdot_lrg.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\en-US\enu-dsk\M1033DSK.CSD 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\DEEPBLUE\DEEPBLUE.ELM 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jcmd.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.rcp.feature_1.2.0.v20140523-0116\feature.properties 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00388_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\ado\msado27.tlb 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\META-INF\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Swirl\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Internet Explorer\SIGNUP\install.ins 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\sk\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\25.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_gray_hail.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Internet Explorer\en-US\DiagnosticsTap.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.resources_3.9.1.v20140825-1431.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-tools_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105396.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\Charitable Contributions.accdt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\Sounds\Places\VIBE.WAV 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\system_dot.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.runtime_3.10.0.v20140318-2214.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Krasnoyarsk 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO01777_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR33B.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Internet Explorer\ieinstal.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\STSUCRES.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.intro_3.4.200.v20130326-1254.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-editor-mimelookup.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MSOUTL.OLB 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\skins\skin.dtd 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Bibliography\Style\ISO690.XSL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGBORDER.DPV 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libsharpen_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Journal\InkSeg.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\descript.ion 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages_zh_CN.properties 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.databinding.observable_1.4.1.v20140210-1835.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AG00154_.GIF 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\MSEnv\PublicAssemblies\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Defender\MpClient.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\rss_headline_glow_docked.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\msadc\msdaprsr.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0221903.WMF 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.p2.ui.overridden_5.5.0.165303.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.win32.win32.x86_64_1.1.200.v20141007-2033\eclipse_1655.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolIcons\messageboxinfo.ico 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Media Player\Skins\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WHIRL1.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\J0143743.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\Locales\kn.pak 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-attach.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BS00200_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0174635.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Elemental.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPOBJS.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Ceuta 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\META-INF\ECLIPSE_.SF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.di.nl_ja_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21400_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\hi\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\bNext-down.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\en-US\msdaprsr.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Internet Explorer\en-US\iedvtool.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipscat.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jps.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\dark\e4-dark_partstyle.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Madrid 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipscht.xml 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Document Parts\1033\14\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\AlertImage_OffMask.bmp 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME33.CSS 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CONVERT\1033\ORG97R.SAM 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\info.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-attach_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\INFOPATH.HXS 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBBA\MSPUB8.BDR 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Mail\wab.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_hail.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Wallis 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0185780.WMF 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\ProjectTool\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PEOPLEDATAHANDLER.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_ko_KR.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Mexico_City 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\psfont.properties.ja 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_output\libwingdi_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libanaglyph_plugin.dll 700a1s0ssssd7da.exe File created C:\Program Files\DVD Maker\en-US\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01167_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0198372.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\EssentialMergeLetter.dotx 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\kk\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libcache_read_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\SpeechEngines\Microsoft\TTS20\MSTTSCommon.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\ado\msader15.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\button-highlight.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.jarprocessor.nl_zh_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH00231_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\dialogs\stream_window.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\2.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Excel.en-us\SETUP.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\jp2launcher.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\ext\updater.jar 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\core\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGWEBPQT.DPV 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\PULLQUOTEBB.POC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libaom_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\css\slideShow.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\javax.servlet.jsp_2.2.0.v201112011158.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\javaw.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BOATINST.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0196400.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\EmptyDatabase.zip 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\MS.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0188679.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\Gadget_Main_Gradient.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GRINTL32.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PROOF\MSSP7FR.LEX 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\tile_bezel.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\RADIAL\THMBNAIL.PNG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.win32.win32.x86_64.nl_ja_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-io-ui_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\SystemV\PST8PDT 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0185670.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGACCBOX.XML 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\MSInfo\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\OutofSyncIconImages.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MEDIA\BREEZE.WAV 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\Part\Dialog.accdt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\WMPDMC.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\triggerActionExceptionHandlers.exsd 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.win32.nl_ja_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0337280.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR32F.GIF 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Bibliography\Style\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\ado\msadox.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\1047x576_91n92.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.win32.nl_zh_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14828_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD21427_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\16_9-frame-image-mask.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02022_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OEMPRINT.CAT 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\MyriadPro-Bold.otf 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\Keywords.HxK 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\InfoPath.en-us\SETUP.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01682_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02361_.WMF 700a1s0ssssd7da.exe File created C:\Program Files\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0233665.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR31F.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\LightSpirit.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\hwrlatinlm.dat 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\msadc\en-US\msadcfr.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Internet Explorer\ieinstal.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.console_5.5.0.165303\feature.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00438_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02465_.WMF 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\hu\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\META-INF\ECLIPSE_.RSA 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.common_2.10.1.v20140901-1043\META-INF\ECLIPSE_.SF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21327_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\bg_GreenTea.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\or\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.rcp.zh_CN_5.5.0.165303\feature.properties 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\MET 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0199475.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH00601G.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\Locales\bg.pak 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\ACCVDTUI.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL089.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\ado\msado28.tlb 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\button-bullet.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.felix.gogo.command_0.10.0.v201209301215.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN01216_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107138.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\PublicAssemblies\Microsoft.VisualStudio.Tools.Applications.DesignTime.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\play_hov.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-profiler.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Teal.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ta\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\RedistList\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\bPrev.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BS00444_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Solstice.thmx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsColorChart.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins3d\2d.x3d 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Workflow.Activities.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\requests\README.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ru-RU\tipresx.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Rarotonga 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\bg_VelvetRose.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\BabyBlue\TAB_OFF.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGREPFRM.DPV 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Port_Moresby 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\config\Modules\org-netbeans-modules-profiler-snaptracer.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02041_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.COM.PH.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\Contracts\Microsoft.VisualStudio.Tools.Office.Contract.v10.0.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.net.nl_ja_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\config\Modules\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-host-views.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18196_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR45B.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\SIDEBARVERTBB.DPV 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\j2pcsc.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN01251_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0101862.BMP 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\TR00232_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\masterix.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-autoupdate-cli_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105974.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\en-US\clock.html 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\sunmscapi.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BD09031_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0145707.JPG 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Word.en-us\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VGX\VGX.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\rollinghills.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_pt_BR.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0292248.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Oasis\TAB_OFF.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\intf\dummy.luac 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\flower_dot.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0299763.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MSWORD.OLB 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libfaad_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152694.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\ACTIVITS.ICO 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Google\Chrome\Application\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\cs-CZ\tipresx.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\NetworkServerControl 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Oral 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT+8 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Core.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_10_p010_plugin.dll 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Help\3082\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\MSTTSDecWrp.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\.lastModified 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0285484.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00513_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Angles.eftx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\configuration\config.ini 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02223U.BMP 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Adjacency.eftx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_corner_top_left.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office.en-us\PSS10R.CHM 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Noumea 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0297185.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-compat.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH00276_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\J0115856.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\NotifierBackgroundRTL.jpg 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\ARCTIC\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipskor.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\license.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.widgets.nl_zh_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL022.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\ModuleAutoDeps\org-openide-filesystems.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Marquesas 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02390_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\GIFT98.POC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\tabskb.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\NavigationLeft_ButtonGraphic.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\TitleButtonSubpicture.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\NavigationRight_SelectionSubpicture.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\POSTCARD.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\LINE.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\BriefcaseIconMask.bmp 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Mail\MSOERES.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\7.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\symbols\ja-jp-sym.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-print.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\LICENSE 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH03205I.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\icons\send-email-16.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\AddToViewArrow.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\BZCD98SP.POC 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Internet Explorer\en-US\jsdbgui.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE00723_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH01035U.BMP 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\INLAUNCH.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\Ole DB\xmlrwbin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\NavigationRight_SelectionSubpicture.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Push\push.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0187837.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\kinit.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\sunec.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\MSBuild\Microsoft\Windows Workflow Foundation\v3.0\Workflow.Targets 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\MSB1CACH.LEX 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\javafx-font.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT-10 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105368.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107148.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0200183.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0294991.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD14711_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\oskmenu.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Internet Explorer\pdm.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\libxslt.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\server\classes.jsa 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CONVERT\1033\ACT3R.SAM 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\updater.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\bNext.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_corner_top_right.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\J0115876.GIF 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Sync Framework\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_output\libwasapi_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\mux\libmux_mpjpeg_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Internet Explorer\en-US\DiagnosticsTap.dll.mui 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.core\cache\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105412.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0297757.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\ShadesOfBlue.jpg 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows NT\Accessories\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Aqtau 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\CLIPART\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\button_right.gif 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\ml\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\20.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Excel.en-us\ExcelMUI.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\wab32.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AG00167_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21533_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ADDINS\otkloadr_x64.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MCPS.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ONENOTEIRM.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Lord_Howe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-8 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-openide-dialogs.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14581_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\es-ES\tipresx.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\vistabg.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00197_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_blue_windy.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Africa\Lagos 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\3082\MSO.ACL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Sts2.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\en-US\settings.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\16to9Squareframe_VideoInset.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Broken_Hill 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-core-kit.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0187647.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\IN00346_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0178639.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL111.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-icons_ffd27a_256x240.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\unpack.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107308.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Urban.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\ct.sym 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-autoupdate-cli.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Pushpin.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Pushpin.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\ku.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\EURO\MSOEURO.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\NavigationUp_SelectionSubpicture.png 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\bin\dtplugin\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\mscss7wre_fr.dub 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-keyring-impl.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-snaptracer_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GRAPH.HXS 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\BZCARDHM.POC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\TABOFF.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Journal\NBDoc.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT+12 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Indiana\Indianapolis 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18198_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\attention.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\reveal_rest.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\35.png 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\en-US\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH01875_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00538_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\control\libdummy_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR40F.GIF 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\bg\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\rmid.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Beirut 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-api_ja.jar 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Solutions\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Fiji 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01241_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\WB02055_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\AddToViewArrow.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN04326_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\br\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\en-US\js\service.js 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\Dataset.zip 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.WorkflowServices.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ui.sdk.nl_ja_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\AlertImage_Medium.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL075.XML 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\en-US\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\CORPCHAR.TXT 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\EntityPicker.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Desert\HEADER.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\SpringGreen\TAB_OFF.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\ENU\VDK10.STC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\POST98SP.POC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.common_2.10.1.v20140901-1043\epl-v10.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-javahelp.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-keyring.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\ktab.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\drag.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\SpecialNavigationUp_SelectionSubpicture.png 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME09.CSS 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\GrayCheck\HEADER.GIF 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\SoftBlue\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD14677_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\usa03.ths 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\Locales\sk.pak 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\bg_Country.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\rtf_pressed.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libidummy_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\NavigationButtonSubpicture.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0287024.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0293828.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\REMOTE.CFG 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\css\settings.css 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\about.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Analysis Services\AS OLEDB\10\Cartridges\sql90.xsl 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Net.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SL01395_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0285444.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\si\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_box_divider_left.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\msadc\handler.reg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.engine\profileRegistry\JMC.profile\1423861258748.profile.gz 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-editor-mimelookup.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE00720_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\timer_over.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.osgi.services_3.4.0.v20140312-2051.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Volgograd 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\XLCALL32.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Soft Blue.htm 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\Discussion\DiscussionToolIconImages.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\en-US\enu-dsk\M1033DSK.TTS 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\Locales\ro.pak 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Push\NavigationLeft_SelectionSubpicture.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.flightrecorder.controlpanel.ui.zh_CN_5.5.0.165303.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\org-netbeans-core_visualvm.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\librawaud_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\7z.exe 700a1s0ssssd7da.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0287641.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-last-quarter_partly-cloudy.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0232797.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsTemplates\Hiring Requisition.fdt 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.engine\.settings\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-nodes_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AG00157_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\IN00118_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099169.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SY00882_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0240719.WMF 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Multimedia\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.simpleconfigurator_1.1.0.v20131217-1203.jar 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\1036\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\CANYON\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\203x8subpicture.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\include\jdwpTransport.h 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\META-INF\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libtimecode_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\Locales\sw.pak 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD00397_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR34F.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsViewTemplate.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\UIAutomationProvider.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CONTAB32.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\button_mid_over.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\NEWS.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Media Player\Media Renderer\DMR_120.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Dotted_Lines.emf 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\STUDIO\STUDIO.ELM 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-jvmstat.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21299_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107152.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SL00260_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0233018.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0252349.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\dblook 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-explorer_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-threaddump.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\CET 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_right_disabled.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\CourierStd-Bold.otf 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\RICHED20.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\en-US\js\timeZones.js 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\THEMES.INF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR46B.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\BabyBlue\BUTTON.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-bg_diagonals-thick_18_b81900_40x40.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\QuickStyles\Manuscript.dotx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\mset7.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\en-US\cpu.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0198377.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01474_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02009_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD10308_.GIF 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\lua\http\dialogs\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\combo-hover-middle.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-util-lookup.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-selector-ui_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD14769_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\GrayCheck\HEADER.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099158.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0185806.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OneNote\SendToOneNoteUI.dll 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Proof.es\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VBA\VBA7\1033\VBUI6.CHM 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\scrapbook.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.e4.rcp_1.3.100.v20141007-2033\feature.properties 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Palau 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.CA.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\on_desktop\slideshow_glass_frame.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\Locales\es-419.pak 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\ProjectTaskIcon.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\cs\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libvobsub_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\UCT 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18215_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ADDINS\MSOSEC.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\rtf_justify.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\th-TH\tipresx.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\PAPYRUS\PREVIEW.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\RICEPAPR\PREVIEW.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\deploy\messages_it.properties 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MLSHEXT.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBBA\MSPUB1A.BDR 700a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\jp2iexp.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\Certificates\groove.net\Servers\Management.cer 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\menu_arrow.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\images\cursors\cursors.properties 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105240.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0199423.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\POSTS.ICO 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipsfra.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\sl-SI\tipresx.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Belize 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\jaas_nt.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\mux\libmux_dummy_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\SIGNL.ICO 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\mux\libmux_asf_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_fa.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\base_heb.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Juneau 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Nome 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR3B.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Teal.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\CommsIncomingImage.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\FormsBlankPage.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VSTO\vstoee90.tlb 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT+8 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-output2_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\El_Salvador 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Stationery\1033\JUDGESCH.HTM 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libaiff_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_ring_docked.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waxing-crescent.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\fonts\LucidaSansDemiBold.ttf 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\CST6CDT 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10336_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CDLMSO.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\fonts\LucidaTypewriterBold.ttf 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00261_.WMF 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\lua\meta\art\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.DirectoryServices.AccountManagement.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\SetupMetrics\20200430124749.pma 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleUpdateHelper.msi 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107500.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0287018.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PROOF\MSTH7FR.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\novelty_settings.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rcp.intro.ja_5.5.0.165303.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Slipstream.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR1F.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\StopIconMask.bmp 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\cmm\CIEXYZ.pf 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR30B.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Vladivostok 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\MST7 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-lib-uihandler_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-masterfs-nio2.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\CommsIncomingImageMask.bmp 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\com.jrockit.mc.rjmx.actionProvider.exsd 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.lucene.core_3.5.0.v20120725-1805.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0216540.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01297_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Nome 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Kabul 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\ia\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\Media Renderer\DMR_48.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\rtf_justify.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.AddIn.Contract.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Media Player\wmlaunch.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Inuvik 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Nauru 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\PST8 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Urumqi 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\button_right_over.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\bg_Casual.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\NavigationUp_SelectionSubpicture.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\toc.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSACCESS.DEV_F_COL.HXK 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\TASK.CFG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Makassar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0199469.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\novelty_dot.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_divider.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\bg_FormsHomePageBlank.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Swirl\background.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGMN102.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\ENVHM.POC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\flavormap.properties 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0324694.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SL00712_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD15073_.GIF 700a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\en-US\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins3d\tesselate.x3d 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_blue_sun.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\ICU\icudt26l.dat 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\VisualElements\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows NT\TableTextService\TableTextServiceSimplifiedZhengMa.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\ECHO\THMBNAIL.PNG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Zaporozhye 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\Certificates\groove.net\Components\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\NAVBAR11.POC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02431_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ADDINS\OUTLVBA.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\RES98.POC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\Part\Details.accdt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18181_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\ProjectToolsetIconImages.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\d3d11\libdirect3d11_filters_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\msdatt.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\jfr.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0285780.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00452_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME10.CSS 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\osclientcerts.dll 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\ps\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\end_review.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-openide-loaders.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-awt_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0195812.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\Sounds\Things\COUPLER.WAV 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\SlateBlue.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\TABMASK.BMP 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Proof.es\Proof.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Boa_Vista 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Antarctica\Davis 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105294.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\WB00780L.GIF 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_gray_thunderstorm.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\circleround_selectionsubpicture.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_zh_TW.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\CollectSignatures_Sign.xsn 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\keystore\libfile_keystore_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\UrbanResume.Dotx 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\cryptocme2.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Optional\README.TXT 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Internet Explorer\jsprofilerui.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\zh-tw.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyMainBackground_PAL.wmv 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\New_York 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SY01590_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Media Player\en-US\WMPDMC.exe.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_single_bkg.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0229389.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\SCDCNCLS.ICO 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\button_right_disable.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\DataType\Priority.accft 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOInstaller.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\Ushuaia 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.forms_3.6.100.v20140422-1825.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Monterrey 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\38.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\en-US\enu-dsk\M1033DSK.CRT 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\update_tracking\org-netbeans-lib-profiler-charts.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Nipigon 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE00833_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_mpegaudio_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0240695.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\WWINTL.DLL.IDX_DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\Dialog.zip 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\setting_back.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_ja_JP.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0102762.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02740G.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Clarity.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Eula.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\af.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT-9 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\az\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\css\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\plugins\video_output\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\REFINED\REFINED.INF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Fakaofo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107526.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\uninstall\uninstall.log 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\mshwLatin.dll 700a1s0ssssd7da.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-core.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_corner_top_left.png 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\icons\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Bangkok 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PSRCHPHN.DAT 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Synchronization Services\ADO.NET\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Portable Devices\sqmapi.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACEREP.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MAPIR.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsMacroTemplate.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.HK.XML 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\VSTA\AppInfoDocument\Microsoft.VisualStudio.Tools.Office.AppInfoDocument\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\ado\msadomd.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_single_orange.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Prague 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-host-remote.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BD19986_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00045_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Grid.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ONBttnOL.dll 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\graph_up.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DissolveAnother.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsMainToNotesBackground_PAL.wmv 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\dtplugin\deployJava1.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02127_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD01659_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSPUB.DEV_K_COL.HXK 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR45B.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_rgb_sse2_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\ku-ckb.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\STUDIO\THMBNAIL.PNG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\classlist 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Africa\Nairobi 700a1s0ssssd7da.exe File opened for modification C:\Program Files\CloseMeasure.tmp 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\lib\locale\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152606.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0195248.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15136_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR8F.GIF 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Templates\1033\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\TravelIntroToMainMask.wmv 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\javax.inject_1.0.0.v20091030.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-swing-tabcontrol.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107492.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Training.potx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\tl\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\plugins\stream_out\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libttml_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.rcp.feature_1.2.0.v20140523-0116\META-INF\ECLIPSE_.RSA 700a1s0ssssd7da.exe File created C:\Program Files\Java\jre7\lib\zi\Asia\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH00669_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Solutions\arrow.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\spacer_highlights.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\sl\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Journal\Templates\Seyes.jtp 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\pipanel.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_box_bottom.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099168.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Concourse.eftx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ADDINS\PMAILEXT.ECF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\EXITEML.ICO 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\dialogs\mosaic_window.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\26.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\SettingsInternal.zip 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02450_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\INFOPATHEDITOR_COL.HXT 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\bg_Groove.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\LTHDHM.POC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.console_5.5.0.165303\feature.properties 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.common_2.10.1.v20140901-1043\META-INF\eclipse.inf 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.console.nl_zh_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\ahclient.dll 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\he-IL\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Shades of Blue.htm 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\16_9-frame-highlight.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\javac.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Mazatlan 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\bg_Premium.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\FormsColorChart.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\mscss7cm_es.dub 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Smart Tag\1033\STINTL.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Internet Explorer\DiagnosticsTap.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\epl-v10.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.help_3.6.0.v20130326-1254.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\flyoutBack.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BS01637_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\IN00557_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107282.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NBOOK_01.MID 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\Locales\et.pak 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\hwrenclm.dat 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0293800.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15132_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ky\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\pause_down.png 700a1s0ssssd7da.exe File created C:\Program Files\Java\jre7\lib\zi\America\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01130_.WMF 700a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Icons\PDXFile_8.ico 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\RTF_BOLD.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\NL7MODELS000C.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\DataType\Start End Dates.accft 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_output\libamem_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\CET 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rcp.application.zh_CN_5.5.0.165303.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\org-netbeans-modules-profiler-api.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR44F.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Journal\en-US\jnwdui.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\msaddsr.dll 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152890.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0187815.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\en-US\gadget.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libdca_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-editor-mimelookup-impl.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-editor-mimelookup-impl.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Yerevan 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Synchronization Services\ADO.NET\v1.0\Microsoft.Synchronization.Data.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\INFOPATHEDITOR_COL.HXC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Slate\TAB_ON.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolIcons\messageboxerror.ico 700a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\en-US\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\15x15dot.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\gtkTSFrame.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105328.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0297229.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\144DPI\(144DPI)notConnectedStateIcon.png 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\ARCTIC\PREVIEW.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BD00155_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\EXCEL.DEV.HXS 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_output\libwaveout_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0382955.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Bibliography\Author2XML.XSL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Microsoft.Office.BusinessData.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Halifax 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Maceio 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\ROGERS.COM.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ug\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\SKY\SKY.INF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\NavigationRight_ButtonGraphic.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Detroit 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.ui_5.5.0.165303.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\RESENDS.ICO 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOICONS.EXE 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Funafuti 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\META-INF\MANIFEST.MF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Pago_Pago 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\bn_IN\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\images\back.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\Hx.HxC 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe Root Certificate.cer 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\en-US\enu-dsk\M1033DSK.IDX 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\uk.txt 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\Calendar\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\tr\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\MinionPro-It.otf 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\locale\org-openide-util_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02439_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\mset7jp.kic 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\js\jquery.jstree.js 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\SUMIPNTG\PREVIEW.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\flower_PreComp_MATTE_PAL.wmv 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Goose_Bay 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\MST7MDT 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_right_pressed.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\logo.png 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Microsoft.NET\Primary Interop Assemblies\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOLoaderUI.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\org-netbeans-modules-options-keymap.xml_hidden 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\BabyBlue\TAB_OFF.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\graph_down.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107488.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE05930_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\chapters-static.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Scenes_INTRO_BG.wmv 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Kuala_Lumpur 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.help_2.0.102.v20141007-2301\META-INF\MANIFEST.MF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BS01639_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00458_.WMF 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\XML Files\Space Templates\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\CONCRETE\CONCRETE.INF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\javacpl.cpl 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\ModuleAutoDeps\org-netbeans-core.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BD00141_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Budapest 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE06049_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18225_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\J0115843.GIF 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1033\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\it.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\TitleButtonIcon.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\content-background.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CONVERT\1033\PABR.SAM 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.CO.JP.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\activity16v.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\PublicFunctions.js 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OIMG.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\misc\liblogger_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Bears.htm 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0187847.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00222_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18231_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ACCWIZ\UTILITY.ACCDA 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\msvcr100.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OMSMAIN.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.net.win32.x86_64.nl_ja_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\locale\org-openide-util-lookup_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152688.WMF 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-lib-profiler_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Damascus 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH00334_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0158007.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\jsse.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Rankin_Inlet 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-core-output2.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-favorites_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\UmOutlookStrings.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\WORDREP.DPV 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\meta\art\01_googleimage.luac 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_left_hover.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\UTC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0188513.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02431_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14869_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\CANYON\THMBNAIL.PNG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Bishkek 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.core.feature_1.3.0.v20140523-0116\feature.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.components.ui.zh_CN_5.5.0.165303.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR14F.GIF 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\kk\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Stars.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\w2k_lsa_auth.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105246.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Slate\TAB_ON.GIF 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACETXT.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Cambridge_Bay 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\html\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-threaddump_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01849_.WMF 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\keypad\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jli.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Managua 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.metadata.repository.nl_ja_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\PicturesToolIconImagesMask.bmp 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\librawvid_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\Locales\vi.pak 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\ParentMenuButtonIcon.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsNotesBackground.wmv 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-core-windows.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099145.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_ru.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\javafx.properties 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105232.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libskiptags_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\en-US\currency.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsMainToScenesBackground.wmv 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\README.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\MSBuild\Microsoft\Windows Workflow Foundation\v3.5\Workflow.VisualBasic.Targets 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\ink\HWRCustomization\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\fi\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\VVIEWDWG.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00921_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0164153.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01734_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.COM.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\librotate_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\grid_(cm).wmf 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\ado\msador15.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD00543_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libpng_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\api-ms-win-crt-stdio-l1-1-0.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-core-windows.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0313970.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0382962.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21297_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\Sounds\Places\ALARM.WAV 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\ProjectTool\Project Report Type\Fancy\PLUS.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGMN110.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Internet Explorer\JSProfilerCore.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\jsoundds.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0382952.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02268_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Roses.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Xml.Linq.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_rainy.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\lv.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\16to9Squareframe_Buttongraphic.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\fontmanager.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Detroit 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0301044.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02356_.WMF 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\hu\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\ado\msadomd28.tlb 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Perf_Scenes_Subpicture1.png 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Athens 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\win7Handle.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Porto_Velho 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0228823.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\bdcmetadata.xsd 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\SoftBlue\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fr-FR\tipresx.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\SoftBlue.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Kaliningrad 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.rcp_4.3.100.v20141007-2301.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Microsoft.Office.InfoPath.Client.Internal.CLRHost.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_output\libvmem_plugin.dll 700a1s0ssssd7da.exe File created C:\Program Files\Java\jre7\lib\management\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\bNext.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_right_hover.png 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\mk\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_corner_bottom_left.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\London 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02446_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BULLETS.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\OneNote.en-us\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PROOF\MSTH7EN.LEX 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\plugins\d3d9\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\dialogs\batch_window.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\zh-TW\tipresx.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\cmm\LINEAR_RGB.pf 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD15301_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\Projects.accdt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\ViewHeaderPreview.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\BrightYellow.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-waning-crescent_partly-cloudy.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\info.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\en-US\wab32res.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_postage_Thumbnail.bmp 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-windows_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\J0143758.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Mail\wabmig.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\msxactps.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\curtains.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0300840.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PROTTPLN.DOC 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\gd\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Internet Explorer\ielowutil.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\Microsoft.Build.Conversion.v3.5.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\en-US\js\settings.js 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\INDUST\INDUST.ELM 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\README.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\INVITE.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_hi.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\BZCRD98.POC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\images\Video-48.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\reviewers.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jmc.ini 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.diagnostic.zh_CN_5.5.0.165303.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\WB02039_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\TALK21.COM.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Sao_Paulo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0240291.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GRINTL32.DLL.IDX_DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\STRBRST.POC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0305257.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\QUERIES\MSN MoneyCentral Investor Major Indicies.iqy 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\Microsoft.VisualC.STLCLR.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\nav_leftarrow.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.publisher.nl_ja_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105376.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0387337.JPG 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\ADD.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\VDK10.SYX 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\reveal_hov.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jface.databinding_1.6.200.v20140528-1422.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0186364.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE02120_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Equity.eftx 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_divider_right.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\symbols\symbase.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD00074_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\control\libwin_hotkeys_plugin.dll 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\css\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_gray_rainy.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_ro.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\form_edit.js 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\BS53BOXS.POC 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\trad_m.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\BREEZE\BREEZE.ELM 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\configuration\org.eclipse.update\platform.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\META-INF\MANIFEST.MF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-dialogs_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\MSEnv\PublicAssemblies\extensibility.dll 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.engine\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\meta\art\00_musicbrainz.luac 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libaccess_wasapi_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\5.png 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Sync Framework\v1.0\Documentation\1033\License Agreements\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\psuser.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\TabIpsps.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01151_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02045_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ONMAIN.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\QuickStyles\Simple.dotx 700a1s0ssssd7da.exe File created C:\Program Files\Windows Media Player\Network Sharing\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.security.win32.x86_64_1.0.100.v20130327-1442.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Indiana\Petersburg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\EST 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01292_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\flower_s.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\sqlxmlx.rll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification.zh_CN_5.5.0.165303.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-api-annotations-common.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00807_.WMF 700a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\en-US\css\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01295_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\logger\libfile_logger_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\blackbars60.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\NavigationLeft_SelectionSubpicture.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Wake 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\org-netbeans-modules-profiler-attach.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.flightrecorder.controlpanel.ui_5.5.0.165303.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-execution_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0200467.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Journal\Templates\Memo.jtp 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLED.EXE 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\pidgenx.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\ECHO\ECHO.INF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Macau 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\system.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\3.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14655_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\BORDERS\MSART10.BDR 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL108.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\js\settings.js 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\about.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4-dark_mac.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\org-netbeans-modules-profiler.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Anadyr 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Austin.xml 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\plugins\gui\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\Windows Photo Viewer\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Halifax 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\asl-v20.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.console.nl_ja_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Angles.thmx 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\1.7\Microsoft.Ink.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\shuffle_down.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\sa-jdi.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-tools.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\INFOPATHEDITOR.HXS 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\wmpshare.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\en-US\msadcer.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\modern_settings.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.ecore_2.10.1.v20140901-1043\META-INF\ECLIPSE_.RSA 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0239965.WMF 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Bibliography\Sort\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\Installer\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15020_.GIF 700a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Annotations\Stamps\Words.pdf 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\msdadc.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.Abstractions.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\micaut.dll.mui 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\Certificates\groove.net\Servers\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\Certificates\groove.net\Servers\RELAY.CER 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\144DPI\(144DPI)grayStateIcon.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Perspective.eftx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\button_right.gif 700a1s0ssssd7da.exe File created C:\Program Files\Windows NT\Accessories\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\services_discovery\libpodcast_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\PROOF\MSWDS_ES.LEX 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Atikokan 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Easter 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099192.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows NT\TableTextService\en-US\TableTextService.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\HostSideAdapters\Microsoft.VisualStudio.Tools.Office.HostAdapter.v10.0.dll 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\hr\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Indiana\Tell_City 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\core\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.w3c.css.sac_1.3.1.v200903091627.jar 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\fy\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\Visualizer.zip 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-waning-crescent.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\resources.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Fakaofo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01169_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\GrayCheck.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\OPTINPS.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Recife 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD00449_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\deploy.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\pack200.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\EmbeddedView.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Title_Trans_Notes_PAL.wmv 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR45F.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\playlist\anevia_streams.luac 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\spu\libaudiobargraph_v_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\kk\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libscaletempo_pitch_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_output\libdirect3d11_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\39.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\symbols\ea-sym.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-uihandler.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Dawson 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SY00795_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\buttonUp_On.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\QUAD\PREVIEW.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.core\cache\artifacts.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Swift_Current 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\GKPowerPoint.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\META-INF\ECLIPSE_.RSA 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-jmx_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Mexico_City 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0187849.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Outlook.en-us\OutlookMUI.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Graph.emf 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.core\cache\binary\com.jrockit.mc.rcp.product_root_5.5.0.165303 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.greychart.ui_5.5.0.165303.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\SOCIALCONNECTORRES.DLL 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormToolImages.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PROOF\1033\MSGR3EN.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\msadcfr.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\4.png 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\SpeechEngines\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\configuration\org.eclipse.equinox.simpleconfigurator\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-api-visual.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE02280_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT+4 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AG00126_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\plugin-container.exe 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\eu\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\kab.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\LAYERS\LAYERS.INF 700a1s0ssssd7da.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Push\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\NavigationRight_SelectionSubpicture.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\8.0\x86\VSTARemotingServer.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Mail\wab.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\TipsImageMask.bmp 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\Calendar\CalendarToolIconImages.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libalphamask_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\NavigationRight_SelectionSubpicture.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Bogota 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR9F.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\APPTL.ICO 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_output\libadummy_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Antarctica\Macquarie 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-masterfs-nio2_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\ssv.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Clarity.thmx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\ECLIPSE\ECLIPSE.ELM 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15275_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\PreviousMenuButtonIconSubpi.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Warsaw 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107146.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Sync Framework\v1.0\Runtime\x64\resources\1033\Synchronization.rll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\COMPASS\PREVIEW.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.common_2.10.1.v20140901-1043\META-INF\ECLIPSE_.RSA 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.rcp_4.4.0.v20141007-2301\feature.properties 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Manaus 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Internet Explorer\en-US\networkinspection.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0301050.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsViewFrame.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\setup.swf 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\SONORA\SONORA.INF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\config\Modules\org-netbeans-lib-profiler-common.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\HST 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SY00110_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\button_left_mousedown.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\Content.xml 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\SPRING\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0186346.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBCONV.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SY01006_.WMF 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Slate\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\forms_distributed.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\IpsMigrationPlugin.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\fxplugins.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\dt.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Inuvik 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\ESEN\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0384885.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\OUTLOOK_K_COL.HXK 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libcaf_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FALL_01.MID 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0178459.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR34B.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGCINFO.XML 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\INDUST\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.diagnostic.ja_5.5.0.165303.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-sa.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\javaws.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\it\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\ReadOutLoud.api 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\trad_m.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01145_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\OliveGreen.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolIcons\ONLINE.ICO 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libpsychedelic_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libvoc_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\23.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Mail\en-US\WinMail.exe.mui 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\META-INF\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\lib\smtp.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Earthy.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\Part\List.accdt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Cartridges\Informix.xsl 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows NT\Accessories\en-US\wordpad.exe.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_gray_snow.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Yellowknife 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-api-caching_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Ulaanbaatar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Office 2.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\js\settings.js 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\splashscreen.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Pangnirtung 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.help.base.nl_ja_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Montreal 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\rtf_italic.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\XML Files\grvschema.xsd 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\modules\sandbox.luac 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\Locales\ms.pak 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.w3c.dom.svg_1.1.0.v201011041433.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\jp2iexp.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00479_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\bg_Casual.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked-loading.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\VisualElements\LogoDev.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_windy.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\ca.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Internet Explorer\images\bing.ico 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\psfontj2d.properties 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Analysis Services\AS OLEDB\10\Cartridges\as90.xsl 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx.ui_5.5.0.165303.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH03224I.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14831_.GIF 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\14\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\NavigationRight_ButtonGraphic.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\Jujuy 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Matamoros 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MSTORES.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipsjpn.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\ParentMenuButtonIconSubpict.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\include\classfile_constants.h 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15274_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\IN00919_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0145895.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH00780U.BMP 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Microsoft.Office.Interop.InfoPath.SemiTrust.dll 700a1s0ssssd7da.exe File created C:\Program Files\DVD Maker\Shared\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Shanghai 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.common_2.10.1.v20140901-1043\feature.properties 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Dubai 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.IdentityModel.dll 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\ink\en-US\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\swiftshader\libGLESv2.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Oasis\TAB_ON.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\NavigationRight_SelectionSubpicture.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01357_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE02270_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CONVERT\DELIMWIN.FAE 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Defender\MsMpCom.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\icon.png 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\css\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\curl-hot.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Riyadh87 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\UTC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-core-multiview.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\ReviewRouting_Review.xsn 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_gray_rainy.png 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Tehran 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.css.swt.theme.nl_zh_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Tahiti 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR4B.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\server\jvm.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AG00103_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\J0115868.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_right_pressed.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\api-ms-win-crt-conio-l1-1-0.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\VisualElements\SmallLogoCanary.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\MDIParent.zip 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\EVRGREEN\EVRGREEN.INF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\Ole DB\sqlxmlx.rll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE03451_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\validation.js 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_yuy2_sse2_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Defender\MsMpRes.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Resolute 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSTORE_COL.HXT 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OART.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\NEWS.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.flightrecorder_5.5.0.165303\feature.properties 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.frameworkadmin.nl_ja_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\VIEW.JS 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\modern.png 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\bs\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\my\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\plugins\spu\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_cycle_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\STRTEDGE\THMBNAIL.PNG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0187839.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PARNT_08.MID 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\SIDEBARVERTBB.POC 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Annotations\Stamps\ENU\Dynamic.pdf 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\en-US\js\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Premium.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_blue_snow.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\reviews_joined.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\VisualElements\SmallLogo.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Month_Calendar.emf 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyMainToNotesBackground_PAL.wmv 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\feature.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-spi-actions.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\GMT 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AG00176_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0175428.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\DISTLIST.CFG 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\WATERMAR\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\NavigationRight_ButtonGraphic.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\El_Salvador 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.directorywatcher.nl_zh_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\sv.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\about.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0297707.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\AccessWeb\SERVWRAP.ASP 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE00737_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SY00642_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL090.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0309585.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBBA\MSPUB11.BDR 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\FLYER.DPV 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Internet Explorer\iedvtool.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Pyongyang 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD00414_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0101980.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107264.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\VVIEWDWG.DLL 700a1s0ssssd7da.exe File created C:\Program Files\Internet Explorer\SIGNUP\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\SpecialNavigationRight_SelectionSubpicture.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01296_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSOUC_COL.HXT 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\GreenTea.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PROOF\MSSP7EN.dub 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\NAVBRPH2.POC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_av1_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\msadc\en-US\msdaprsr.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0282932.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Paper.eftx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\ACCOLKI.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libspudec_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\control\libntservice_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\en-US\js\localizedStrings.js 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\ENU\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-selector-api_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT+1 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Elemental.thmx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Apothecary.eftx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01172_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107266.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107458.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00810_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\ODeploy.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Notes_loop.wmv 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.transport.ecf.nl_ja_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Antarctica\Syowa 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO01954_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MEDIA\SUCTION.WAV 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\TWSTRUCT.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\PresentationFramework.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Portal\PortalConnectCore.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\JdbcOdbc.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Africa\Ceuta 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0287645.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\PULLQUOTEBB.DPV 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.bindings.nl_ja_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.extensionlocation_1.2.100.v20131119-0908.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_gray_foggy.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0187829.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGTEAR.DPV 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\gmp-clearkey\0.1\clearkey.dll.sig 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waning-gibbous.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\CheckpointHide.mpv2 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\jawt.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Africa\Johannesburg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BOAT.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages_ja.properties 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\BIZFORM.DPV 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\nssckbi.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\0.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0182888.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0216153.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0239951.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\SalesReport.xltx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\fonts\LucidaBrightRegular.ttf 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rcp.application_5.5.0.165303.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\config\Modules\org-netbeans-lib-profiler-ui.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-heapwalker_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\ROAD_01.MID 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\oc\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\base-docked.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office.en-us\BRANDING.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\META-INF\ECLIPSE_.SF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\javax.el_2.2.0.v201303151357.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099155.JPG 700a1s0ssssd7da.exe File created C:\Program Files (x86)\WindowsPowerShell\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\hint_down.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN04196_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\TABON.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\sl\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\120DPI\(120DPI)notConnectedStateIcon.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\ChessIconImages.bmp 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL093.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\en-US\js\currency.js 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Nassau 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00524_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\WZCNFLCT.CHM 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\AcroForm\PMP\DataMatrix.pmp 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\el-GR\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-host-remote.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\TR00233_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\button_left.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_gu.dll 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Excel.en-us\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0239997.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SL00345_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB02229_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Perspective.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Desert\HEADER.GIF 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\plugins\stream_extractor\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libinflate_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\RICEPAPR\RICEPAPR.INF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\security\java.policy 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0195320.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00828_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\mux\libmux_wav_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\IDTemplates\ENU\AdobeID.pdf 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\AUTHZAX.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Data.DataSetExtensions.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\NavigationUp_ButtonGraphic.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Atlantic\Azores 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18227_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GRINTL32.REST.IDX_DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\15x15dot.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\java_crw_demo.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Danmarkshavn 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Help\1033\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0341634.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Horizon.eftx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\SCDRESPL.ICO 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\dialogs\offset_window.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\pl.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\oskpred\oskpredbase.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\GreenBubbles.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-core-ui.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\info.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Cartridges\msjet.xsl 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\3RDPARTY 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-api-search.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099172.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\AlertImage_AutoMask.bmp 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR48F.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\tpcps.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACEERR.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01141_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO01805_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME11.CSS 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR17F.GIF 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\uk-UA\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0153093.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0239975.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME14.CSS 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Data.DataSetExtensions.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\system_settings.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Argentina\Ushuaia 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD00336_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\POST.CFG 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\ar\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGACCBAR.DPV 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\MENU.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libripple_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\images\cursors\win32_CopyNoDrop32x32.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02749G.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SY00170_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\CATWIZ11.POC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Couture.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\settings.ini 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\picturePuzzle.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\RMNSQUE\PREVIEW.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME13.CSS 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR41F.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\IPMS.ICO 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.filesystem_1.4.100.v20140514-1614.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PROOF\MSGR3FR.LEX 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MSOHTMED.EXE 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01858_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Solutions_Response.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\WORDIRM.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\RSSFeeds.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0075478.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099175.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE05710_.WMF 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\ProjectTool\Project Report Type\Basic\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\tnameserv.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Kuching 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\npt.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH00513_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Photo Viewer\PhotoViewer.dll 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Media Player\Media Renderer\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD21334_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\WINWORD.DEV_F_COL.HXK 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\rtf_choosefont.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGAD.DPV 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02578_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ADVCMP.DIC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolIcons\StatusOnline.ico 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Data.Services.Client.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Smart Tag\LISTS\1033\STOCKS.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\ir.idl 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\.lastModified 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Honolulu 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ne\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libftp_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\msdasql.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\logo.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Luxembourg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\bg_VelvetRose.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\OutlineToolIconImagesMask.bmp 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\OliveGreen.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\NavigationLeft_ButtonGraphic.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0149407.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\api-ms-win-core-file-l1-2-0.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00148_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099195.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\WWINTL.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PPCORE.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.repository.nl_ja_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\curl.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152892.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD21348_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\XLLEX.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PROOF\MSSP7ES.dub 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Antarctica\Vostok 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Pago_Pago 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4_default_mac.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107456.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libtwolame_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\novelty_h.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.update.configurator.nl_zh_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-nodes.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-application.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR20F.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\ja.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\circleround_glass.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\whitemask1047.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Internet Explorer\pdmproxy100.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\SIGNHM.POC 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\ru\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\Locales\hi.pak 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\BLUECALM\BLUECALM.INF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Atlantic\Canary 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00525_.WMF 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\bn\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\license.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15276_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\OutOpen.wma 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\images\speaker-32.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.AddIn.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\play_rest.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-actions.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0197983.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\BabyBlue\HEADER.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL104.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\hint_over.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_corner_top_right.png 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\BOLDSTRI\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ro-RO\tipresx.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107658.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0222015.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\rtf_alignleft.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\NavigationRight_SelectionSubpicture.png 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.rcp.zh_CN_5.5.0.165303\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD00403_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\SHARING.CFG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\button_mid_over.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\CALSO98.POC 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Icons\XDPFile_8.ico 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Resources\1033\msolui100.rll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\WATER\THMBNAIL.PNG 700a1s0ssssd7da.exe File created C:\Program Files\Internet Explorer\images\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\jp2native.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Analysis Services\AS OLEDB\10\Cartridges\as80.xsl 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\POWERPNT.HXS 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\SEARCH.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\NavigationUp_SelectionSubpicture.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Antarctica\Rothera 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD00090_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\WB02074_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD21318_.GIF 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\CONVERT\1033\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR37F.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\NL7Models0011.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\decora-sse.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Sitka 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00017_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02252_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_autodel_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_search_down_BIDI.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105280.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\WINWORD_K_COL.HXK 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0216600.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\REFEDIT.DLL 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\ky\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Lime\TAB_ON.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Icons\SecStoreFile.ico 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107290.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Apothecary.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\J0115836.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Lime\TAB_ON.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.frameworkadmin.equinox.nl_ja_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\plugin.properties 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT+2 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0302827.JPG 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\CONCRETE\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.rcp_4.4.0.v20141007-2301\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Management.Instrumentation.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Thatch.xml 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\InfoPathOM\InfoPathOMFormServices\InfoPathOMFormServicesV12\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\ONENOTE\14\Stationery\BUSINESS.ONE 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\UIAutomationTypes.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\USP10.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\mlib_image.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Malta 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0177257.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Hebron 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00525_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00159_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\rt.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\BHOINTL.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUB6INTL.DLL.IDX_DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\oledb32r.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PROTTPLV.PPT 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR5B.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PROOF\MSHY7EN.LEX 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_fil.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1033\README.HTM 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\.eclipseproduct 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SPRNG_01.MID 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\intf\dumpmeta.luac 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\plugins\meta_engine\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Sidebar\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\javafx-doclet.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PSWAVY.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\mozavutil.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\StopFormat.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\PROOF\MSWDS_FR.LEX 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\CATWIZ.POC 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\th\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\feature.properties 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Internet Explorer\en-US\eula.rtf 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR16F.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\Part\Issues.accdt 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\VSTA\8.0\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.win32.win32.x86_64_1.1.200.v20141007-2033\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.batik.util_1.7.0.v201011041433.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099177.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\GrayCheck\TAB_ON.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-tools_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0205462.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\AddToViewArrow.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\ICELAND.TXT 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\ECHO\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\AFTRNOON\THMBNAIL.PNG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\RICEPAPR\RICEPAPR.ELM 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-sendopts.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\bg-today.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\ONENOTE\14\Stationery\DESIGNER.ONE 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.osgi.compatibility.state.nl_ja_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21519_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FORM.ICO 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsViewAttachmentIconsMask.bmp 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\Locales\ar.pak 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02048_.WMF 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Americana\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libtextst_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\rssBackBlue_docked.png 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Cartridges\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0299611.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\de\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\XLCPRTID.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\MSBuild\Microsoft\Windows Workflow Foundation\v3.0\Workflow.VisualBasic.Targets 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\Ole DB\msdatl3.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\fonts\LucidaBrightDemiItalic.ttf 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE00934_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR48B.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14791_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSACCESS.DEV_K_COL.HXK 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\excel.exe.manifest 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ONFILTER.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\EQUATION\MTEXTRA.TTF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\btn-back-static.png 700a1s0ssssd7da.exe File created C:\Program Files\Java\jre7\lib\images\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0213243.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL078.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\AcroForm\PMP\AdobePDF417.pmp 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Google\CrashReports\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\css\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.CO.UK.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-first-quarter.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\AcroSign.prc 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.util_1.0.500.v20130404-1337.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0101856.BMP 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\BORDERS\MSART6.BDR 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Slate.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0232795.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SL01394_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PROOF\MSSP7ES.LEX 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\Part\Contacts.accdt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\bg.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\oskmenu\oskmenubase.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.workbench.nl_zh_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\etc\visualvm.clusters 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\WB02085_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\RTF_BOLD.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\OFFOWCI.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\en.ttt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\kcms.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-api-progress_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\charsets.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0233992.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02736U.BMP 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0216724.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\BORDERS\MSART15.BDR 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.databinding.property.nl_zh_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Jamaica 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Atlantic\Reykjavik 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH00625_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\BrightYellow.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\playlist\bbc_co_uk.luac 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\Network Sharing\wmpnss_color48.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE03339_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CSS7DATA0009.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\square.png 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\Adobe\Help\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\ij 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Indiana\Vincennes 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\core\locale\com-sun-tools-visualvm-modules-startup_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0101859.BMP 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Google\Chrome\Application\Dictionaries\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\logo.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_cloudy.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\lib\deployed\jdk16\windows-amd64\profilerinterface.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01176_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\DOCS.ICO 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBBA\MSPUB9.BDR 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099162.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\EMAIL.DPV 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Microsoft Office\Office14\1033\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OMSXP32.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\PROGRAM.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\EquityMergeLetter.Dotx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\browser\omni.ja 700a1s0ssssd7da.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0309480.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00394_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02753U.BMP 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\icon.png 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\tr\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\requests\playlist.json 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\can.fca 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\Locales\bn.pak 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD21548_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\WINWORD.DEV.HXS 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\plugins\text_renderer\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Journal\Templates\To_Do_List.jtp 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\fonts\LucidaTypewriterRegular.ttf 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Chisinau 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Hermosillo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Analysis Services\AS OLEDB\10\Resources\1033\msolui100.rll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-first-quarter_partly-cloudy.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\chrome.VisualElementsManifest.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\PresentationBuildTasks.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\curl-hot.png 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\TextConv\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Web Server Extensions\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\rtscom.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BS00174_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\Groove Starter Template.xsn 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME19.CSS 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02389_.WMF 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\gu\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi422_yuy2_mmx_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_th.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\cy\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Journal\JNTFiltr.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.updatechecker.nl_ja_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\jfr\default.jfc 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Lime\TAB_OFF.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolIcons\ALERT.ICO 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\liberase_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Xml.Linq.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VBA\VBA7\1033\VBENDF98.CHM 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\GoldRing.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\WhiteDot.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\browser\features\[email protected] 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libaccess_imem_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Internet Explorer\en-US\F12Resources.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-openide-io.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\BZCARD11.POC 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\gl\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\management\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-openide-execution.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Australia\Adelaide 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSPUB.OPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1033\ACERECR.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Genko_2.emf 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\msadc\adcvbs.inc 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\NavigationLeft_ButtonGraphic.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\34.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\GRIPMASK.BMP 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Uzhgorod 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.core.feature_1.3.0.v20140523-0116\META-INF\MANIFEST.MF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME39.CSS 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CONVERT\OLJRNL.FAE 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Hardcover.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18190_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolIcons\StatusDoNotDisturb.ico 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-last-quarter_partly-cloudy.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\shadowonlyframe_videoinset.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-core-execution.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107516.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0234001.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\resources.pak 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\TR00402_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\INFOMS.ICO 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\ko.txt 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\BLENDS\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\idlj.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152610.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\VelvetRose.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsImageTemplate.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\SplashImage.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MML2OMML.XSL 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\applet\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_ja_4.4.0.v20140623020002\feature.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\EAST_01.MID 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0151045.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PAPERS.INI 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\BrightOrange\tab_off.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\Gadget_Star_Half.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\6.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT+11 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0250504.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\EAWFINTL.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PROTTPLN.XLS 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\flyoutBack.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Adobe.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\NEWS.DPV 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.WorkflowServices.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Journal\en-US\Journal.exe.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\mr.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\ru.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0304853.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0341645.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\chrome_elf.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Internet Explorer\en-US\iexplore.exe.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD15072_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\en-US\clock.html 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipsptg.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\BREEZE\BREEZE.INF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Ojinaga 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0232803.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\J0143750.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsBlankPage.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\TimeCard.xltx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_glass_Thumbnail.bmp 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\NavigationRight_ButtonGraphic.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Atlantic\Faroe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Wake 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\high-contrast.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\MP00132_.WMF 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\tet\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access_output\libaccess_output_livehttp_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\PRODIGY.NET.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\FOLDPROJ.DPV 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libmod_plugin.dll 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\SubsetList\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107132.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SY01572_.WMF 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\GrayCheck.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_blue_partly-cloudy.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\ONINTL.DLL.IDX_DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\AUDIOSEARCHMAIN.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\images\dial.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-spi-quicksearch.xml 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\flavormap.properties 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\CLIPART\PUB60COR\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Foundry.thmx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Module.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\BloodPressureTracker.xltx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\misc\libfingerprinter_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.w3c.dom.events_3.0.0.draft20060413_v201105210656.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\config\Modules\org-netbeans-lib-profiler-charts.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Rome 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE00489_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\OriginMergeFax.Dotx 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\Extensions\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\plugin.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-swing-plaf.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-threaddump.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02829J.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Blog.dotx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\vcruntime140.dll 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.ecore_2.10.1.v20140901-1043\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00190_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR5F.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\AD.XML 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\cs\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\hi\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_da.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Internet Explorer\F12Tools.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Atlantic\Canary 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Kwajalein 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00466_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR29F.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_ml.dll 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\PAPYRUS\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\lib\deployed\jdk15\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD01196_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\liblibmpeg2_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\36.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\PPSLAX.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107192.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\maintenanceservice_installer.exe 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\gd\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_corner_bottom_right.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Media Player\WMPMediaSharing.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Bissau 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Indian\Mahe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\calendar.html 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\Adobe AIR\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\css\flyout.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\delete_down.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\prev_down.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\BLUECALM\BLUECALM.ELM 700a1s0ssssd7da.exe File created C:\Program Files\Internet Explorer\en-US\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-host_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0239973.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0300862.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02426_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14531_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Data.Services.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\MS.WPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\schemagen.exe 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105320.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\ContactPickerIntl.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\NAME.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR11F.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\ext\localedata.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.engine\.settings\org.eclipse.equinox.p2.artifact.repository.prefs 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-awt.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE02293_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02845G.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00364_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00668_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\APPT.CFG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\STRTEDGE\PREVIEW.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\jfr.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AG00172_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105244.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ru\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\control\libwin_msg_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0086420.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\ONENOTE_COL.HXT 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\UnreadIcon.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBBA\MSPUB5B.BDR 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\nav_uparrow.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\fontconfig.properties.src 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT+5 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BD08808_.WMF 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\elevation_service.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\Locales\pt-PT.pak 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libwebvtt_plugin.dll 700a1s0ssssd7da.exe File created C:\Program Files\Windows NT\TableTextService\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Vladivostok 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD21309_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\INFOPATHEDITOR_K_COL.HXK 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PROOF\MSHY7ES.LEX 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD02097_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107042.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Technic.eftx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CONVERT\1033\LOCALDV.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\ja-jp.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_frame-shadow.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Internet Explorer\F12Resources.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Galapagos 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libdvdread_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\ModuleAutoDeps\org-openide-loaders.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Oasis.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\TASKS.ICO 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\he\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\mai\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_right_rest.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\libxml2.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Windhoek 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Atlantic\Azores 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02091_.WMF 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\ka\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\css\flyout.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Chicago 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0279644.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR21F.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\Form_StatusImageMask.bmp 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AdobeXMP.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Web Folders\1033\MSOSVINT.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-application_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SY01462_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\DataViewIconImagesMask.bmp 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\Locales\en-US.pak 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Mail\wabimp.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0309598.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14754_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\OIS_COL.HXC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\POWERPNT.DEV.HXS 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Seoul 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Essential.thmx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\IPML.ICO 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\BriefcaseIcon.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Data.Services.Design.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\TextConv\WPFT632.CNV 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\J0143748.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsViewAttachmentIcons.jpg 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\mn\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\EXP_XPS.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Tbilisi 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_record_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\en-US\js\clock.js 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libx265_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\novelty_m.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\uk-UA\tipresx.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105238.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE02288_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\Sounds\Places\RADAR.WAV 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_windy.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\URBAN_01.MID 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR26F.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libty_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\cronometer_m.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\1040\hxdsui.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\DirectDB.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\nbexec64.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107746.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\INLAUNCH.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\drag.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\tipresx.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\fonts\LucidaBrightDemiItalic.ttf 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0382950.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\icucnv36.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_is.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\flower_dot.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Postage_VideoInset.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\feature.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\FLASH.NET.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_right_pressed.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.metadata.repository_1.2.100.v20131209-2144.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD01548_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\ChessIconImagesMask.bmp 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ja\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\da-DK\tipresx.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Stars.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\javafx-font.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Adak 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\rmiregistry.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.browser_5.5.0.165303.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0186360.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02039U.BMP 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Eucla 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\mobile_view.html 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Media Player\Icons\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18256_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\ENVELOPR.DLL.IDX_DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\CENTEURO.TXT 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_bg.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.di_1.0.0.v20140328-2112.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\STOPICON.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\PROFILE\PREVIEW.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libhttp_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\button_right_mouseout.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\base_rtl.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO01905_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15273_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\STS2\background.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\TASKACCS.ICO 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Goose_Bay 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Casual.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolIcons\PersonalContact.ico 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe\Updater6\AdobeUpdaterInstallMgr.exe 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\EXPEDITN\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\WATER\WATER.ELM 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\license.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\help.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Internet Explorer\jsdebuggeride.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.DE.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\reveal_down.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_blue_windy.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Scoresbysund 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\larrow.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH01013_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OUTLFLTR.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Lime.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PROOF\MSTH7ES.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\feature.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0182902.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02054_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\Bibliography\BIBFORM.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\pmd.cer 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\7-zip32.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.win32.win32.x86_64_1.1.200.v20141007-2033\eclipse_1665.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR32B.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libfluidsynth_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jface_3.10.1.v20140813-1009.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTO\vstoee.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\flower_settings.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\buttonUp_Off.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Internet Explorer\F12.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\EN00222_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107480.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\QuickStyles\DefaultBlackAndWhite.dotx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-waning-gibbous.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\EScript.api 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Notes_INTRO_BG.wmv 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_btn-next-static.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01015_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\MeetingIconMask.bmp 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Swift_Current 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0185790.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0149481.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\playlist\koreus.luac 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\info.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.rcp.ja_5.5.0.165303\feature.properties 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\rarrow.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Oral 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libgrain_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE00559_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libvhs_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\MakeAccessible.api 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\en-US\css\settings.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Stationery\1033\CURRENCY.HTM 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_gray_cloudy.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\security\javaws.policy 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Atlantic\Madeira 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jface.nl_zh_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL020.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\AlertImage_ContactLowMask.bmp 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\keypad\keypadbase.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\appletviewer.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\triggerEvaluators.exsd 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR14F.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0227419.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\CONTACT.CFG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\SECURS.ICO 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\am\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Cairo 700a1s0ssssd7da.exe File created C:\Program Files\Java\jre7\lib\zi\Australia\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Atlantic\South_Georgia 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107452.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\api-ms-win-crt-filesystem-l1-1-0.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\en-US\js\library.js 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Cartridges\sql70.xsl 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_btn-back-static.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Internet Explorer\iedvtool.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\notification_plugin.jar 700a1s0ssssd7da.exe File created C:\Program Files\Java\jre7\lib\fonts\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\IPSEventLogMsg.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\ESEN\WT61ES.LEX 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyScenesBackground.wmv 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Notes_loop_PAL.wmv 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BD19563_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\ED00010_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\AD98.POC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\ApothecaryLetter.dotx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\Network Sharing\wmpnss_bw32.bmp 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\hu-HU\tipresx.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\alt-rt.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Port_of_Spain 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0382959.JPG 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\LAYERS\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14981_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL011.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\bg-dock.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MIMEDIR.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\browser\features\[email protected] 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libogg_plugin.dll 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Annotations\Stamps\ENU\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME07.CSS 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR1F.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\et-EE\tipresx.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\MST 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0199307.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18213_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\44.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-options_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\IN00957_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099174.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OUTLRPC.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Title_Page_PAL.wmv 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Pohnpei 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\IN00956_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0309904.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACEODDBS.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office32.en-us\SETUP.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office.en-us\SETUP.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\SATIN\THMBNAIL.PNG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\VVIEWRES.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\OrielMergeLetter.Dotx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\MessageBoxIconImages.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\en-US\wmplayer.exe.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\GreenBubbles.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1033\MSOINTL.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0151041.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE00578_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR8B.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyclient.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsTemplates\Track Issues.fdt 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\en-US\css\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\reveal_rest.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\keypad\ea.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\OUTLOOK.HXS 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libscte18_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\css\flyout.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\J0115865.GIF 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Document Parts\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\15x15dot.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\jsound.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\IN00233_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0198102.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\delete.avi 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE05869_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\DATE.JPG 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\EET 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00487_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-waxing-gibbous_partly-cloudy.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-api-caching.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGWEBCAL.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD21303_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\XLMACRO.CHM 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\month.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\v8_context_snapshot.bin 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Grand_Turk 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Kuala_Lumpur 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099197.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD14595_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00505_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\QuickStyles\Default.dotx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL086.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_it.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Publisher.en-us\SETUP.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages_pt_BR.properties 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD01658_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105288.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_output\libgl_plugin.dll 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\System\ado\en-US\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Full\dotslightoverlay.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0187851.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGSTORYVERT.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBWZINT.REST.IDX_DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Bibliography\Sort\AUTHOR.XSL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\api-ms-win-crt-utility-l1-1-0.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\prev_hov.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.core.feature_1.3.0.v20140523-0116\META-INF\ECLIPSE_.SF 700a1s0ssssd7da.exe File created C:\Program Files\Java\jre7\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105384.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01294_.GIF 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\de\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Mozilla Maintenance Service\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\QUAD\THMBNAIL.PNG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\STRTEDGE\STRTEDGE.ELM 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGMN105.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\BlackTieResume.dotx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-api-caching_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0199727.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\base-undocked-2.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\Resource.zip 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\EXCEL_F_COL.HXK 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ro\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_splitter\libpanoramix_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\rt3d.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Sync Framework\v1.0\Documentation\1033\License Agreements\SynchronizationEula.rtf 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\review_same_reviewers.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Heart_ButtonGraphic.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.core.feature_1.3.0.v20140523-0116\META-INF\ECLIPSE_.RSA 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.renderers.swt.nl_zh_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AG00037_.GIF 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\pt-BR\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Antarctica\Davis 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-host.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Solutions\Main.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\jsoundds.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107728.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15022_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSACCESS.DEV.HXS 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\STUDIO\STUDIO.INF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\PassportMask_PAL.wmv 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Internet Explorer\jsprofilerui.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.garbagecollector.nl_zh_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\sk\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\kinit.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Paper.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-profiling.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-charts.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Creston 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD00455_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_babypink_Thumbnail.bmp 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\ZoneInfoMappings 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\feature.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-multiview_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0196110.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00915_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Gambier 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Eirunepe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AG00171_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099183.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\dcpr.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\java.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\images\cursors\win32_MoveNoDrop32x32.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\management\snmp.acl.template 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0187863.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CONVERT\DELIMDOS.FAE 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\QUERIES\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\Locales\nb.pak 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\1041\hxdsui.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_divider_right.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.emf.common_2.10.1.v20140901-1043.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\prism-d3d.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0240157.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\TR00178_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR36F.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\attention.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libmirror_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH01478U.BMP 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00152_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD14801_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GROOVE_COL.HXC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BS00184_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR27F.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\skins\fonts\FreeSansBold.ttf 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\Contracts\Microsoft.VisualStudio.Tools.Office.Contract.v9.0.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\stopNetworkServer.bat 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\javacpl.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-progress-ui_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Indiana\Winamac 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-full_partly-cloudy.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\EXPTOOWS.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\redmenu.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Budapest 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Adjacency.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15168_.GIF 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\fr\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0341455.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00694_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD15035_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolIcons\WSS.ICO 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\config\Modules\org-netbeans-modules-profiler.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Argentina\San_Luis 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107468.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\NOTE.CFG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\BLENDS\BLENDS.ELM 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\userContent_16x9_imagemask.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Thimphu 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\removed-files 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_box_divider_right.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\sbdrop.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\security\cacerts 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.engine\profileRegistry\JMC.profile\1423861240389.profile.gz 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0309567.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\EMAIL11.POC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0195384.WMF 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\my\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Amman 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-swing-tabcontrol_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FLAP.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PSRCHKEY.DAT 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolIcons\ModifiedTelespace.ico 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL058.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_h264_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.httpcomponents.httpclient_4.2.6.v201311072007.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-core-multitabs.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-jmx.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Boa_Vista 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\js\settings.js 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\CommsIncomingImageSmall.jpg 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\lv\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\chrome.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\org-netbeans-modules-core-kit.xml_hidden 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0295241.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18246_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\RPLBRF35.CHM 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\AUTHZAX.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\rtf_center.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\buttonDown_Off.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.touchpoint.natives.nl_zh_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File created C:\Program Files\Java\jre7\lib\zi\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\IN00177_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0281638.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10302_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\can129.hsp 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\ext\zipfs.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01138_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0102002.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0285796.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\msdaora.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_gray_few-showers.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01628_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH03379I.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libudp_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libgradfun_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0241037.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\OUTLOOK_COL.HXC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\RECL.ICO 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\BabyBlue\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\MSClientDataMgr\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\bear_formatted_matte2.wmv 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\include\win32\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Minsk 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\ERROR.GIF 700a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\UrbanLetter.Dotx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\PresentationFramework.Classic.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\lv\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Portal\1033\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\setNetworkServerCP.bat 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-sa_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Horizon.thmx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\LISTBOX.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0086424.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099153.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR49F.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\browser\features\[email protected] 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\TextConv\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\security\trusted.libraries 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\config\Modules\org-netbeans-modules-profiler-oql.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD00965_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-bg_flat_10_000000_40x100.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Mozilla Maintenance Service\Uninstall.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_snow.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waxing-gibbous_partly-cloudy.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\INFINTL.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME52.CSS 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\BORDERS\MSART5.BDR 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\js\ui.js 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\SpeechEngines\Microsoft\TTS20\MSTTSEngine.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\win7TSFrame.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0387591.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD21307_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AGM.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_output\libglwin32_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-core-io-ui.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15133_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR9B.GIF 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\ProjectTool\Project Report Type\Fancy\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGWEBHD.XML 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\eu\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\SaslPrep\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\ACE.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Pontianak 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-selector-api_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\SpringGreen.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Swirl\background.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTO\ActionsPane3.xsd 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.core_5.5.0.165303\feature.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Argentina\Cordoba 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\TR00494_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Workflow.Runtime.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\TaskbarIconImages256Colors.bmp 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\CALENDAR.DPV 700a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\8.png 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\DW\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\da.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\SKY\THMBNAIL.PNG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0157167.WMF 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Mozilla Maintenance Service\logs\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\js\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_blue_windy.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\ROMANIAN.TXT 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\PresentationFramework.Classic.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152594.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\J0115866.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libmad_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\control\libnetsync_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT+7 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Saipan 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0292020.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\button_mid.gif 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\ky\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\SoftBlue\background.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR45F.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Desert.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\Network Sharing\MediaReceiverRegistrar.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\osknumpad.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.commands.nl_zh_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\GRDEN_01.MID 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01152_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\jfxrt.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Angles.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\BCSLaunch.dll 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\Triedit\en-US\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH03380I.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00638_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\modern_dot.png 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\LanguageNames2\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\hu-HU\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.core.feature_1.3.0.v20140523-0116\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR29F.GIF 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\ru\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_left_hover.png 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\ink\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\AddInViews\Microsoft.Office.Tools.v9.0.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Campo_Grande 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\javaws.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT+12 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\or\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\VDK10.THD 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.bindings.nl_zh_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\lib\deployed\jdk16\windows-amd64\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107722.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\BrightYellow\TAB_OFF.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0153095.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\XLINTL32.REST.IDX_DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\CNFNOT.CFG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.CO.TH.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\ado\msado28.tlb 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_btn-next-over-select.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Cuiaba 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_zh_4.4.0.v20140623020002\eclipse_update_120.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\en-US\gadget.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\jp2ssv.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0101857.BMP 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\EXSEC32.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\system_h.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ADDINS\OUTEX.ECF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ADVZIP.DIC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\ka.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\release 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0145669.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\J0115834.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD10358_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD14800_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGHEADING.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Workflow.Activities.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\PipeTran.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.transport.ecf.nl_zh_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\glib-lite.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18201_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MSYUBIN7.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\SCNPST32.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\2.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\si.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\EPSIMP32.FLT 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.core\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\WB02097_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00008_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\PFM\SY______.PFM 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\UIAutomationProvider.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\POWERPNT.DEV_K_COL.HXK 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\UIAutomationTypes.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\msadc\msadcs.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\fontmanager.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.databinding.property_1.4.200.v20140214-0004.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02092_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\mscss7en.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libspatializer_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Journal\JNWDRV.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\css\picturePuzzle.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\RIPPLE\THMBNAIL.PNG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\tnameserv.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0382957.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21312_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\rssBackBlue_Undocked.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\images\dialdot_lrg.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\24.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_gray_cloudy.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\kinit.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH03012U.BMP 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\mscss7cm_fr.dub 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGACCBOX.DPV 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\button_right.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\DataType\Tags.accft 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\passport.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Kolkata 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Yekaterinburg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\BUTTON.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\PROFILE\THMBNAIL.PNG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH00443_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME17.CSS 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\javafxpackager.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0188519.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21376_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\decora-sse.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Guam 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0238333.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0239967.WMF 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\nb-NO\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\NavigationRight_SelectionSubpicture.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\klist.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\org-netbeans-modules-profiler-heapwalker.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGPICCAP.DPV 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-waxing-crescent_partly-cloudy.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Journal\Templates\Genko_1.jtp 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_search_up.png 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\ar-SA\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14656_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSPUB.DEV_COL.HXT 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Casual.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH00235_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0341499.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.browser.attach.zh_CN_5.5.0.165303.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\uarrow.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\ext\localedata.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\main.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-text.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Opulent.xml 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\be\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\Gadget_Star_Full.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FINCL_01.MID 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\BCSRuntimeUI.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Multimedia\MPP\MCIMPP.mpp 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\RADIAL\RADIAL.ELM 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ql.nl_zh_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\org-netbeans-lib-profiler.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Toronto 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Swirl\TAB_OFF.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Swirl\tab_on.gif 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\kn\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\uk\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\zh-dayi.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\org-openide-modules.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-applemenu.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Biscay.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\9.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGWEBAD.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\pencht.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_corner_bottom_left.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Internet Explorer\F12Tools.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SCHOL_02.MID 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\STS2\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\SCHDREST.CFG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\SpecialNavigationRight_ButtonGraphic.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Yakutat 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Executive.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\en-US\js\weather.js 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Median.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSPUB.DEV_F_COL.HXK 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\librawdv_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\PROFILE\PROFILE.INF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BD19988_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0386764.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\AIR98.POC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libdolby_surround_decoder_plugin.dll 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Mail\en-US\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\LAYERS\LAYERS.ELM 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\JavaAccessBridge-64.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE00013_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SL01041_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\management\management.properties 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\J0115867.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0199279.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01300_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18252_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Bibliography\Style\ISO690Nmerical.XSL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.core_5.5.0.165303\feature.properties 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\conticon.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\St_Johns 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AG00164_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\mshwLatin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\XLSLICER.DLL.IDX_DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PROOF\MSSP7EN.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\libGLESv2.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\skins\default.vlt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Pretty_Peacock.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\images\cursors\win32_CopyNoDrop32x32.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-lib-profiler-charts_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14985_.GIF 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Help\1049\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\novelty_s.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\120DPI\(120DPI)greenStateIcon.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\ICE\PREVIEW.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0251871.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\minidump-analyzer.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\uninstall\shortcuts_log.ini 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\ZoomIconsMask.bmp 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\DataType\Name.accft 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\en-US\WMPDMCCore.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\LogTransport2.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jmc.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.director_2.3.100.v20140224-1921.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107718.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02451_.WMF 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_vi.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\mn\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Defender\en-US\MsMpRes.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\drag.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\whitemenu.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\cmm\CIEXYZ.pf 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\com.jrockit.mc.rjmx.syntheticnotification.exsd 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\OliveGreen.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\win\CP1253.TXT 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Internet Explorer\en-US\ieinstal.exe.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.swt.win32.win32.x86_64.nl_ja_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\form_edit.js 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\gd\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0382960.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0199549.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD21370_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\api-ms-win-crt-heap-l1-1-0.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\msvcr100.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\management\jmxremote.access 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\ssvagent.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Africa\Algiers 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\MSEnv\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BS00224_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02094_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libdemux_stl_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\locale\org-openide-modules_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft SQL Server Compact Edition\v3.5\sqlceme35.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\square.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\images\dial.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\cy.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\Notes_content-background.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME16.CSS 700a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\THOCR.PSP 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\uk\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_chroma\librv32_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\InkWatson.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\RICEPAPR\THMBNAIL.PNG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH02313_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\SCNPST64.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\NL.ROGERS.COM.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Journal\Templates\Genko_2.jtp 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_close_up.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_thunderstorm.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0292270.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01244_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21535_.GIF 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\CONVERT\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\jfxmedia.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\system_h.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\rss_headline_glow_flyout.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\SYMBOL.TXT 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\validation.js 700a1s0ssssd7da.exe File created C:\Program Files\Windows Media Player\Media Renderer\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\14.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\PreviousMenuButtonIcon.png 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Atlantic\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\Java\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME45.CSS 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR23F.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\AlertImage_FileOffMask.bmp 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\greenStateIcon.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows NT\TableTextService\TableTextServiceSimplifiedShuangPin.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\correct.avi 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPWMI.MOF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\META-INF\MANIFEST.MF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Belize 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Irkutsk 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL012.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Novosibirsk 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR51F.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_search_down_BIDI.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-windows.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_search_up_BIDI.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\en-US\InkObj.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-icons_ef8c08_256x240.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\novelty_settings.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\graph_down.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-jvmstat_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\security\trusted.libraries 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0293570.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\Sounds\Things\SPLASH.WAV 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\images\vlc16x16.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\8.0\x86\vsta_ep32.exe.config 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\HostSideAdapters\Microsoft.VisualStudio.Tools.Office.Outlook.HostAdapter.v10.0.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Riyadh88 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Samara 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-applemenu.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\d3dcompiler_47.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Internet Explorer\ExtExport.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_double.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Jerusalem 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152436.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Slate\TAB_ON.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\liboggspots_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Waveform.thmx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15135_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\Network Sharing\wmpnss_bw48.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\Network Sharing\wmpnss_color32.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\rmid.exe 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\ModuleAutoDeps\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Argentina\La_Rioja 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0382963.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\en-US\gadget.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\16.png 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\ext\locale\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00784_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsFormTemplate.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\rtf_decreaseindent.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Singapore 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR30F.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\XLINTL32.DLL 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\ar\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Full\NavigationRight_SelectionSubpicture.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\15x15dot.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Africa\Bissau 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Sitka 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\square_dot.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\en-US\TipBand.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\JFONT.DAT 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MSCOL11.PPD 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.CO.KR.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\6.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipsesp.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.core.feature_1.3.0.v20140523-0116\epl-v10.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.css.swt.theme.nl_ja_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\CST6CDT 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\SubsetList\Client.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Mail\msoe.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01182_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02233_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18247_.WMF 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\be\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH01065_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0252669.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00913_.WMF 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\STS2\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\sv-SE\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\BREEZE\PREVIEW.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jar.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\nio.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\en-US\js\timeZones.js 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\pa-in.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Help\msitss55.dll 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\VSTA\8.0\x86\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152876.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD21332_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\bNext-disable.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\fur.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\java-rmi.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-application-views.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD00086_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libvc1_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.Extensions.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-applemenu_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0198234.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\INFOMAIL.CFG 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\ast\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libsvcdsub_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_output\libwinhibit_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\NOTICE 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH01213K.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GR8GALRY.GRA 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\rtf_increaseindent.gif 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\Smart Tag\LISTS\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SUMER_01.MID 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ADDINS\OUTEX2.ECF 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\plugins\mux\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Media Player\Media Renderer\DMR_48.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\native2ascii.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Anchorage 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGMN103.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\button_MCELogo_mousedown.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.components.ui.ja_5.5.0.165303.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105286.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\images\dial_lrg.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Workflow.ComponentModel.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02750G.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Desert.css 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\nn\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\AddInSideAdapters\Microsoft.VisualStudio.Tools.Office.AddInAdapter.v9.0.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Ulaanbaatar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.core.commands.nl_zh_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\java.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Panama 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\logo.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Africa\Abidjan 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01160_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\LoanAmortization.xltx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libg711_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\SATIN\SATIN.INF 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\bin\server\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\about.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.ecore_2.10.1.v20140901-1043\license.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\create_form.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe\Updater6\Adobe_Updater.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-waning-gibbous_partly-cloudy.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.renderers.swt.nl_ja_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE00049_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\ACCSBAR.POC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\Microsoft.Build.Utilities.v3.5.dll 700a1s0ssssd7da.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.e4.rcp_1.3.100.v20141007-2033\META-INF\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Dushanbe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PROOF\MSTH7ES.LEX 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\WINWORD_F_COL.HXK 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\PASSWORD.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\NVBELL.NET.XML 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\gu\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\ast.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-uisupport.xml 700a1s0ssssd7da.exe File created C:\Program Files\Java\jre7\lib\zi\Europe\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD01193_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\skins\fonts\FreeSans.ttf 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0341557.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORM.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\PDFPrevHndlr.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\content-background.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\attach.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\update_tracking\org-netbeans-lib-profiler-common.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\org-netbeans-api-visual.xml_hidden 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\corner.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\IRIS\PREVIEW.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.mbeanbrowser.zh_CN_5.5.0.165303.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-swing-tabcontrol.xml 700a1s0ssssd7da.exe File created C:\Program Files\Java\jre7\bin\dtplugin\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Algiers 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0318448.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00837_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR24F.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0199283.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Wordcnvr.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libnsc_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\mux\libmux_ts_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\zh-CN\tipresx.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\NavigationLeft_ButtonGraphic.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Costa_Rica 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099159.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\penjpn.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\Welcome Tool\IconImagesMask.bmp 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\js\common.js 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\excelcnvpxy.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Oasis.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\btn-back-static.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AG00040_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0382958.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Urban.eftx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\org-netbeans-lib-profiler-ui.jar 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Templates\1033\ONENOTE\14\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_left_hover.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\javaw.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN04369_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MSOCF.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libreal_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\IntroducingPowerPoint2010.potx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\CsiSoap.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.databinding.nl_zh_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-editor-mimelookup.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099194.GIF 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\ug\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access_output\libaccess_output_udp_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libcache_block_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\NAMECONTROLPROXY.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\msadc\msdarem.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\TravelIntroToMainMask_PAL.wmv 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21295_.GIF 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\ml\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Denver 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\indxicon.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libdirectory_demux_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_close_down_BIDI.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\CreateSpaceImage.jpg 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\Adobe\Help\en_US\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Full\15x15dot.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.rcp.feature_1.2.0.v20140523-0116\feature.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT-3 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AG00161_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\DiscussionToolIconImagesMask.bmp 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Stationery\1033\PINELUMB.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-10 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Civic.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\SoftBlue\TAB_ON.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR8B.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\AccessWeb\CLNTWRAP.HTM 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OLMAPI32.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft.NET\RedistList\AssemblyList_4_client.xml 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\sr-Latn-CS\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\FlickLearningWizard.exe.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\NavigationLeft_SelectionSubpicture.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Miquelon 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0148798.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CONVERT\1033\OLAPPTR.FAE 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\REPORTL.ICO 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGMN075.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Internet Explorer\SIGNUP\install.ins 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench3.nl_zh_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-execution_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Chita 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\WITHCOMP.DPV 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\da\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsColorChart.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\open_original_form.gif 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\pt-PT\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Tijuana 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15018_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\bg_Earthy.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\STS2\TAB_OFF.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\TexturedBlue.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Portal\1033\PortalConnect.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\vi.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\CAPSULES\CAPSULES.INF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00195_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105348.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.security.ui_1.1.200.v20130626-2037.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\GRIP.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\FAX\OrielFax.Dotx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\gadget.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\OUTLWVW.DLL.IDX_DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\A3DUtility.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_single.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_hu.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0278702.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SL00298_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Oriel.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN01044_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD14882_.GIF 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\PAGESIZE\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\QUIKPUBS.POC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\tr.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPC.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_ru.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-dialogs.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\en-US\MSTTSLoc.dll.mui 700a1s0ssssd7da.exe File created C:\Program Files\MSBuild\Microsoft\Windows Workflow Foundation\v3.0\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ml\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_extractor\libarchive_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.operations.nl_ja_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\GRID_01.MID 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\VIEWBY.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\bg_VelvetRose.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-api-progress_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-util.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Matamoros 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0212751.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\hi.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\fonts\LucidaBrightItalic.ttf 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.nl_zh_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR46F.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ConvertInkStore.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages_ko.properties 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\rtf_hyperlink.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked-loading.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Search.api 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\form_responses.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\en-US\msdaremr.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_lt.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\ssv.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-jvmstat.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00494_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CONVERT\DESKSAM.SAM 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\flyout.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Push\NavigationRight_SelectionSubpicture.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\sound.properties 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.garbagecollector.nl_ja_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\FS3BOX.POC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsNotesBackground_PAL.wmv 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.rcp.zh_CN_5.5.0.165303\feature.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGCOUPON.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH00241_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18238_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10267_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\BabyBlue\HEADER.GIF 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Synchronization Services\ADO.NET\v1.0\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\asl-v20.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.model.workbench_1.1.0.v20140512-1820.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01140_.WMF 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\EssentialLetter.dotx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libplaylist_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_sr.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\join.avi 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\lib\locale\jfluid-server_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\SoftBlue\tab_off.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MSOCFU.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\en-US\wab32res.dll.mui 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Microsoft Visual Studio 8\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Nauru 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0178932.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolIcons\COMPUTER.ICO 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14654_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\CNFNOT.ICO 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\api-ms-win-crt-private-l1-1-0.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\flower_precomp_matte.wmv 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages_fr.properties 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\RECALL.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\Sales Pipeline.accdt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD00544_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0196364.WMF 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\ast\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Vilnius 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-io.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\msvcr100.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Indian\Chagos 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\en-US\mpvis.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\hint_up.png 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH01607U.BMP 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00910_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Sts.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Media Player\setup_wm.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\EST5EDT 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0198712.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\LTHD11.POC 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\logger\libconsole_logger_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\settings.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\reviews_super.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Mail\MSOERES.dll 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\oskpred\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\MSClientDataMgr\MSCDM.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\SPRING\THMBNAIL.PNG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Sts.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\Media Renderer\DMR_120.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\drag.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\720_480shadow.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-options-api.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR31F.GIF 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Templates\1033\ONENOTE\14\Notebook Templates\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\librawvideo_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_bridge_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Qyzylorda 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolIcons\MAIL.ICO 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\LINEACT.POC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libheadphone_channel_mixer_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipsrom.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR3F.GIF 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Biscay\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\BS2BARB.POC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\visualization\libvisual_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked-loading.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\LightBlueRectangle.PNG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\ext\jaccess.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\jsdt.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE02262_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\next_hov.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_blue_partly-cloudy.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.engine\.settings\org.eclipse.equinox.p2.metadata.repository.prefs 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02398U.BMP 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\ACCDDSUI.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\en-US\msdaorar.dll.mui 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\pt_BR\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Web Folders\MSOSV.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\javadoc.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Yellowknife 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Document Themes 14\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Microsoft Office\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Internet Explorer\en-US\eula.rtf 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21504_.GIF 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Library\Analysis\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\XLICONS.EXE 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MEDIA\LASER.WAV 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\as_IN\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\Java\jre7\bin\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00012_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099191.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR34F.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\Computers\computericon.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\PS9CRNRH.POC 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Multimedia\MPP\WindowsMedia.mpp 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Majuro 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099148.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107188.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152878.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\CircleIconsMask.bmp 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Media Player\en-US\wmlaunch.exe.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-charts_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01180_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD15302_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PROOF\MSSP7FR.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Net.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libwave_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21423_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR2F.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL010.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\OriginLetter.Dotx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\he.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\prism-d3d.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\ext\sunmscapi.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0287644.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Green Bubbles.htm 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Internet Explorer\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_tr.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\144DPI\(144DPI)notConnectedStateIcon.png 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Analysis Services\AS OLEDB\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0093905.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Mail\WinMail.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\plugins\demux\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libasf_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\1031\hxdsui.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Karachi 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-masterfs-nio2.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\org-netbeans-modules-profiler-utilities.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00704_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_kn.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Media Player\WMPNSSUI.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\Form.zip 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Apothecary.thmx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\Shared16x16ImagesMask.bmp 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\WEBEMAIL.POC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-bg_glass_65_ffffff_1x400.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Country.css 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Help\1028\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\win\CP1258.TXT 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Smart Tag\IETAG.DLL 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0239191.WMF 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\InfoPathOM\InfoPathOMV12\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Sidebar\en-US\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\icon.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\mscss7es.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access_output\libaccess_output_file_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libvcd_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\JOURNAL\THMBNAIL.PNG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\SPRING\SPRING.ELM 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\JAWTAccessBridge-64.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\META-INF\eclipse.inf 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD21512_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Foundry.eftx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Oasis\HEADER.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\LATIN1.SHP 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\ONENOTE\14\Notebook Templates\Notebook03.onepkg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\Ole DB\en-US\sqloledb.rll.mui 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\css\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Noumea 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00916_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\OCLTINT.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\RECYCLE.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0183328.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\NavigationLeft_ButtonGraphic.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\extcheck.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Saipan 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-charts.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME08.CSS 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Data.Services.Client.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\timer_down.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\mn.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\PROFILE\PROFILE.ELM 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\config\Modules\org-netbeans-modules-profiler-api.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WING1.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\management\jmxremote.access 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18242_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\MyriadPro-It.otf 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\pause_hov.png 700a1s0ssssd7da.exe File created C:\Program Files\DVD Maker\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Full\pushplaysubpicture.png 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\db\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.nl_ja_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\BrightOrange\background.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\macroprogress.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\bg-dock.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\xjc.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\locale\org-openide-util-lookup_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02736G.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR6B.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\GREETING.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libdvbsub_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.swt.nl_ja_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Argentina\San_Juan 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Elemental.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL109.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0160590.WMF 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\sk-SK\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\mng.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\hwrenalm.dat 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD00779_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE00693_.WMF 700a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\js\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\Tulip.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\mraut.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\en-US\WMM2CLIP.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyMainToNotesBackground.wmv 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-actions.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0214934.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PARNT_05.MID 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18184_.WMF 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\GrayCheck\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\splash.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.operations.nl_zh_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.security_1.2.0.v20130424-1801.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Guadalcanal 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OUTLACCT.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\Gadget_Main_Background_QuickLaunch.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\update_tracking\org-netbeans-modules-profiler-api.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\ED00019_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0106958.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\system.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\PACBELL.NET.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGMN097.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\visualization\libgoom_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\pause_rest.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\ado\msado27.tlb 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.help.base.nl_zh_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\management\management.properties 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Australia\Perth 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Photo Viewer\PhotoAcq.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO01785_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_chromecast_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\reviews_sent.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OISGRAPH.DLL 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\ia\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\18.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\Locales\pt-BR.pak 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ql_2.0.100.v20131211-1531.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-api-visual_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\WB00516L.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\XML Files\StarterApplicationDescriptors.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\sr-spl.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\rtf_alignright.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\en-US\css\clock.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\sqloledb.dll 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\Web Folders\1033\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\720x480blacksquare.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\Discussion14.gta 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\js\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\logo.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\PROOF\MSLID.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-attach_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0185842.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_standard_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\MAPISHELLR.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\dark\e4-dark_globalstyle.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099167.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libmpc_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\MinionPro-Bold.otf 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Perspective.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\Network Sharing\wmpnss_color120.png 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Slate\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\Part\Msgbox.accdt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_corner_top_left.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\STUDIO\PREVIEW.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ui.sdk.scheduler.nl_ja_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-core-ui.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0196358.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\ProjectTaskIconMask.bmp 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolIcons\OUTGOING.ICO 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-icons_228ef1_256x240.png 700a1s0ssssd7da.exe File created C:\Program Files\WindowsPowerShell\Configuration\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\DESIGNER\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\SONORA\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\COMPASS\THMBNAIL.PNG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\VelvetRose.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\144DPI\(144DPI)redStateIcon.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_few-showers.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office.en-us\PSS10O.CHM 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Africa\Casablanca 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\SystemV\PST8 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0281640.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD00448_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105414.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\application.ini 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\J0115863.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR3F.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PTXT9.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\playlist\vimeo.luac 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\MST 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD00419_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105388.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00476_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\Ole DB\en-US\oledb32r.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Paramaribo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152698.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\35.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\ECLIPSE\ECLIPSE.INF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Rio_Branco 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\en-US\enu-dsk\M1033DSK.WIH 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\Class.zip 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\bs\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ca\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Scene_loop.wmv 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Sakhalin 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\jfxmedia.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD00096_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\OUTLOOK.DEV_COL.HXC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MSOHEVI.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\gu\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\bNext-hot.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derby.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH00546_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH01618_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02067_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\photoedge_selectionsubpicture.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR9F.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\BAN98.POC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\ENV98SP.POC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ACEDAO.DLL 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\cgg\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\UseReset.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\mshwgst.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\security\blacklist 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\core\com-sun-tools-visualvm-modules-startup.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0292982.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0299171.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0314068.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD21313_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\CONTACT.JPG 700a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\en-US\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\ENES\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.attach_5.5.0.165303.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-api-visual.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00152_.WMF 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Microsoft Visual Studio 8\VSTA\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CONVERT\ORG97.SAM 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Printing.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Mail\en-US\msoeres.dll.mui 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\bin\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.core.contexts_1.3.100.v20140407-1019.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD00261_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR36F.GIF 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\40.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Library\EUROTOOL.XLAM 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Tijuana 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0321179.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\J0115839.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME51.CSS 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21505_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyMainToScenesBackground.wmv 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Irkutsk 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD00459_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00917_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Accessibility.api 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-threaddump.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-jvm.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00068_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\FORMCTL.POC 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Media Player\en-US\mpvis.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Wallis 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Thatch.thmx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\Discussion\DiscussionToolIconImagesMask.bmp 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\fa\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\api-ms-win-crt-string-l1-1-0.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\firefox.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\hy\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\en-US\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-api-visual.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Concourse.thmx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Opulent.eftx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\POSTCARD.DPV 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\RCLRPT.CFG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\utilityfunctions.js 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\en-US\wmpnetwk.exe.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\main.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\performance.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BD07761_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Equity.thmx 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Desert\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\travel.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\icons\hprof-16.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-sa_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\SplashScreen.bmp 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR2F.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\images\dial_sml.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\ICE\ICE.INF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01293_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE02287_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00943_.WMF 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\js\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\sr-spc.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0232171.WMF 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\GrayCheck\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\AUDIOSEARCHLTS.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\fr.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR1B.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\BG_ADOBE.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\2.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SY01563_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libqsv_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Istanbul 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\locale\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Rainy_River 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0145373.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02407_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\REMOTES.ICO 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Csi.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_zh_4.4.0.v20140623020002\license.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.views.nl_zh_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-editor-mimelookup_ja.jar 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\sl\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Internet Explorer\ie9props.propdesc 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Miquelon 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Efate 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN04269_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\GROOVE.EXE 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\square_s.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\security\java.security 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jetty.http_8.1.14.v20131031.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-windows_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0238959.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\REFINED\REFINED.ELM 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Baku 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Horizon.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\Locales\hu.pak 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Aspect.thmx 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\Adobe AIR\Versions\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\17.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-editor-mimelookup-impl_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0086428.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0324704.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE02522_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waning-crescent.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD01176_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE00563_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Concourse.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\SCDCNCLL.ICO 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\NavigationLeft_SelectionSubpicture.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\St_Johns 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Chuuk 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-modules-appui.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\drag.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\19.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\jabswitch.exe 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107134.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\7.png 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\ehshellLogo.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\logo.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\hr.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15058_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\SCDRESTS.ICO 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\rtf_increaseindent.gif 700a1s0ssssd7da.exe File created C:\Program Files (x86)\WindowsPowerShell\Modules\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BD09662_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD00435_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\AMERITECH.NET.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\msdaurl.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\rings-dock.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\144DPI\(144DPI)redStateIcon.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Full\1047x576black.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Riyadh 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MSTORE.EXE 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\intf\http.luac 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00629_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR49F.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Bibliography\Style\TURABIAN.XSL 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\Locales\ja.pak 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPREARM.EXE 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-core-multitabs.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BD08758_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0178460.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\sl.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-loaders.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR31B.GIF 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\BREEZE\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\mainimage-mask.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_foggy.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\VDK10.CMP 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\SpeechEngines\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\libxml2.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\EN00320_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099190.JPG 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Sync Framework\v1.0\Runtime\x64\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Microsoft.Office.Interop.InfoPath.Xml.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\NL7MODELS0009.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\EMAILMOD.POC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\keystore\libmemory_keystore_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\REFINED\PREVIEW.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.flightrecorder.ui_5.5.0.165303.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ui.sdk.nl_zh_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0086478.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Defender\MpCommu.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\base-undocked-2.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\js\RSSFeeds.js 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\16.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE03464_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\CONTACTL.ICO 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PG_INDEX.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-core-output2.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Antarctica\DumontDUrville 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0216570.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02398_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\BORDERS\MSART12.BDR 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL027.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\ORIG98.POC 700a1s0ssssd7da.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\java.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\olh.htm 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\Certificates\groove.net\ManagedObjects\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\SIDEBARBB.DPV 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\41.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\EDGE\THMBNAIL.PNG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Nicosia 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-swing-plaf_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0287415.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH00693_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0172035.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01749_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\STS2\tab_on.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\photograph.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\sunec.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Easter 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BD20013_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGSIDEBR.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_right_pressed.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14983_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_nv12_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\TWLAY32.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.flightrecorder.ui.ja_5.5.0.165303.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-application.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\QuickStyles\Classic.dotx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\FormsPrintTemplate.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\STS2\tab_off.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-full_partly-cloudy.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\VVIEWRES.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Cayenne 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.css.core.nl_zh_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-lib-profiler-ui_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\org-netbeans-modules-uihandler.xml_hidden 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\install.log 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_blue_snow.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\css\settings.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\servertool.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-autoupdate-ui.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099186.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\ADD.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\gadget.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\add_down.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\ug.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Analysis Services\AS OLEDB\10\Cartridges\Informix.xsl 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0153307.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\Part\Tasks.accdt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0101866.BMP 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02413_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\SOA.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.CO.ID.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\mpvis.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_search_up.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\23.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\layers.png 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\lib\deployed\jdk16\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-queries_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\utilityfunctions.js 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\th-TH\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.event_1.3.100.v20140115-1647.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00417_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\en-US\sbdrop.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-last-quarter.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\default_apps\gmail.crx 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\en-US\js\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\DESIGNER\MSADDNDR.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ecf.identity_3.4.0.v20140827-1444.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CSS7DATA000C.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_dirac_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\LINES.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\Sounds\People\Whistling.wav 700a1s0ssssd7da.exe File created C:\Program Files\Windows Journal\Templates\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-first-quarter.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Tirane 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Kuching 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099164.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0106208.WMF 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\configuration\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Dhaka 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\BORDERS\MSART9.BDR 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\EXLIRMV.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolIcons\messageboxalert.ico 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\slideShow.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\include\jni.h 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD00413_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\INFOPATH_F_COL.HXK 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSPUB.HXS 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\mai\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\prev_rest.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\21.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\NavigationRight_SelectionSubpicture.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\cmm\GRAY.pf 700a1s0ssssd7da.exe File created C:\Program Files\Java\jre7\lib\zi\Atlantic\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BS01638_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsPreviewTemplate.html 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\plugins\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Mail\wabfind.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRdIF.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.databinding.observable.nl_ja_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.services_1.1.0.v20140328-1925.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\THIRDPARTYLICENSEREADME-JAVAFX.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Composite.eftx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE.MANIFEST 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.Tools.Applications.Project.dll 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Bahia_Banderas 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-print_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\rmid.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14794_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\POWERPNT_F_COL.HXK 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ks_IN\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\en-US\css\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\EQUATION\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\IRIS\IRIS.INF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.browser.jdp.ja_5.5.0.165303.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-heapdump_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_box_divider_right.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0187881.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\SpringGreen\BUTTON.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Internet Explorer\en-US\iedvtool.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-spi-quicksearch.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BD08773_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0179963.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ACCWIZ\ACWZTOOL.ACCDE 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\SpringGreen.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libjpeg_plugin.dll 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\VGX\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\ext.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Groove.en-us\GrooveMUI.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\TN00241_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21534_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\eventlog_provider.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\META-INF\MANIFEST.MF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\Welcome.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\PresentationCore.dll 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Help\1040\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\gstreamer-lite.dll 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR13F.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\OMSMMS.CFG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\lib\mailapi.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-sampler.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\update_tracking\org-netbeans-modules-profiler-heapwalker.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0296288.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\ta.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\SecretST.TTF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Internet Explorer\en-US\jsdbgui.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Winnipeg 700a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\en-US\js\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows NT\TableTextService\TableTextService.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH01255G.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\CALENDAR.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\MAIN.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\SCANPST.EXE 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Cancun 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Atlantic\Stanley 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\ERROR.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\PresentationFramework.Aero.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\SpeechEngines\Microsoft\TTS20\MSTTSLoc.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\15x15dot.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.swt.nl_zh_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.forms.nl_ja_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\MessageAttachmentIconImages.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\CALHM.POC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Photo Viewer\PhotoAcq.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_corner_bottom_right.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Smart Tag\1033\MCABOUT.HTM 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18241_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME48.CSS 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\Certificates\groove.net\Components\SignedComponents.cer 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Media Player\wmpconfig.exe 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\144DPI\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Internet Explorer\networkinspection.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\Memories_buttonClear.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Hovd 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\CLASSIC2.WMF 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\ProjectTool\Project Report Type\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10300_.GIF 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\SpringGreen\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\win\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-sampler.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Australia\Eucla 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\WB02201_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGSIDEBR.DPV 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\el\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_fr.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\asl-v20.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.publisher.eclipse_1.1.200.v20140414-0825.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD10307_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Scene_loop_PAL.wmv 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\720x480icongraphic.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ach\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\playlist\cue.luac 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Antarctica\Mawson 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.commands_3.6.100.v20140528-1422.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0215210.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows NT\Accessories\WordpadFilter.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-sampler_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Bucharest 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolIcons\OFFLINE.ICO 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_left_rest.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO01563_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Trek.thmx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Document Parts\1033\14\Built-In Building Blocks.dotx 700a1s0ssssd7da.exe File created C:\Program Files\Windows Defender\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\META-INF\ECLIPSE_.RSA 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-sa.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Samara 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107150.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\26.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Media Player\WMPDMC.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Efate 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME50.CSS 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft SQL Server Compact Edition\v3.5\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Cartridges\Sybase.xsl 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\mscss7wre_es.dub 700a1s0ssssd7da.exe File created C:\Program Files\Mozilla Firefox\defaults\pref\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_divider_left.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\MainMenuButtonIcon.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\Passport_PAL.wmv 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.http.jetty_3.0.200.v20131021-1843.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00603_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-lib-uihandler.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099163.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0341447.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolIcons\MANUAL.ICO 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\Bear_Formatted_MATTE2_PAL.wmv 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.rcp.product_5.5.0.165303\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.core.commands_0.10.2.v20140424-2344.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.repository.nl_zh_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\shuffle_over.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\msolui100.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_left_hover.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\en-US\TipRes.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Outlook.en-us\SETUP.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\CNFRES.CFG 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\InfoPathOM\InfoPathOMFormServices\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\ONENOTE\14\Stationery\PLANNERS.ONE 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGMARQ.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Indian\Mahe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00918_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Aspect.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14830_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGMAIN.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Uninstall.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0153265.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\11.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsViewTemplate.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\mobile_equalizer.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\33.png 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fi-FI\tipresx.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-masterfs.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02373_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO01560_.WMF 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Atlantic\Faroe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\SAVE.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\VVIEWER.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\en-US\settings.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\ado\msado21.tlb 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows NT\TableTextService\TableTextServiceYi.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VBA\VBA7\1033\VBLR6.CHM 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\btn-previous-static.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.e4.rcp_1.3.100.v20141007-2033\epl-v10.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE03668_.WMF 700a1s0ssssd7da.exe File created C:\Program Files\Mozilla Firefox\browser\features\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\TWORIENT.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_mosaic_bridge_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\turnOffNotificationInAcrobat.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\awt.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0090783.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0102594.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\rtf_spellcheck.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MEDIA\COIN.WAV 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.IT.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\Ole DB\msdaps.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Perspective.thmx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD15156_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\XML Files\StarterToolTemplates.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\Locales\fa.pak 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\modern_m.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\LEVEL\THMBNAIL.PNG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\fonts\LucidaBrightDemiBold.ttf 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Rarotonga 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Garden.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR50F.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Mail\wabmig.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\en-US\js\settings.js 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_image-frame-backglow.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AG00011_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BD19582_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Americana\TAB_ON.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.greychart.ui.zh_CN_5.5.0.165303.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\deploy\messages.properties 700a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\en-US\js\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_thunderstorm.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\JNGLE_01.MID 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\Xlate_Init.xsn 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\BORDERS\MSART11.BDR 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0101860.BMP 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00820_.WMF 700a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\144DPI\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\gl.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Bears.htm 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-heapwalker_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BD10972_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02897J.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18254_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MEDIA\TYPE.WAV 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Search5.api 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Madrid 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01170_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH02155_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0382944.JPG 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-text.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\bg_TexturedBlue.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_single_bkg.png 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Microsoft.NET\RedistList\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\CONTACTINFOBB.POC 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\MinionPro-Regular.otf 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.css.swt_0.11.101.v20140818-1343.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN01060_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0149118.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18192_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\modern_h.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.transport.ecf_1.1.0.v20140408-1354.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\EST5EDT 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\J0143754.GIF 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\en-US\js\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Photo Viewer\ImagingDevices.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\icon.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\policytool.exe 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.win32.win32.x86_64_1.1.200.v20141007-2033\META-INF\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\msadcer.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolIcons\SessionMember.ico 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\default_apps\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\notConnectedStateIcon.png 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\da-DK\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\ICE\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\1047x576black.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\TR00006_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107446.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01301_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\WANS.NET.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\api-ms-win-crt-math-l1-1-0.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\my\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-bg_highlight-soft_75_ffe45c_1x100.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_sl.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Riyadh 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-selector-ui_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107484.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152628.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\29.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0287417.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libscreen_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_cloudy.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\gadget.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\UnformattedNumeric.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.repository_2.3.0.v20131211-1531.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-queries.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\view.html 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\Smart Tag\1033\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\javah.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.greychart.ui.ja_5.5.0.165303.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.nl_ja_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\playlist\jamendo.luac 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BD19828_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14790_.GIF 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Sync Framework\v1.0\Runtime\x64\resources\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\af\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107316.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.DynamicData.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0199805.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\AccessibleMarshal.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\skins\winamp2.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\tr.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\base_jpn.xml 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_ja_4.4.0.v20140623020002\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.extensionlocation.nl_zh_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0153516.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO01575_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\AD.DPV 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\ado\msadrh15.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jface.text.nl_ja_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGWEBCAL.DPV 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Data.Entity.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-new.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14528_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\WhiteboxMask.bmp 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\PS10TARG.POC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Mail\wabimp.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\bg_Casual.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\uninstall\helper.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\tile_drop_shadow.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\CourierStd.otf 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-uisupport_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18251_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21482_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME53.CSS 700a1s0ssssd7da.exe File created C:\Program Files (x86)\MSBuild\Microsoft\Windows Workflow Foundation\v3.0\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\hint_over.png 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\plugins\misc\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipschs.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\config\Modules\org-netbeans-lib-profiler.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0153089.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\AlertImage_FileHighMask.bmp 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\LICENSE 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Analysis Services\AS OLEDB\10\Cartridges\msjet.xsl 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\MEDIA\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME05.CSS 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\WISC30.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Smart Tag\FSTOCK.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\softedges.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-multitabs_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access_output\libaccess_output_http_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\control\liboldrc_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libnsv_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\13.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Yakutsk 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Internet Explorer\ieproxy.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\msoshext.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\CONCRETE\CONCRETE.ELM 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Antarctica\DumontDUrville 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\css\blafdoc.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe\Help\en_US\Adobe Reader\9.0\helpmap.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\en-US\msdasqlr.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\libGLESv2.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\pkeyconfig-office.xrm-ms 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.console_1.1.0.v20140131-1639.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-templates.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BD06102_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\MSOHEV.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD14538_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft SQL Server Compact Edition\v3.5\sqlcecompact35.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Nipigon 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-keyring-impl.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Argentina\Catamarca 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0146142.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-compat.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\WWINTL.REST.IDX_DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\WEB11.POC 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\pt_PT\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\FREN\MSB1FREN.ITS 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\Title_content-background.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\net.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.engine\profileRegistry\JMC.profile\1423861240811.profile.gz 700a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\jawt.lib 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_cloudy.png 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\CalendarToolIconImages.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\LoginTool24x24Images.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\Welcome Tool\IconImages.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\LICLUA.EXE 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\PIXEL\PIXEL.ELM 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD02116_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE05870_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01843_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Lime\TAB_OFF.GIF 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Multimedia\MPP\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\AddInViews\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\co.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\QUAD\QUAD.ELM 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\title_trans_scene.wmv 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\security\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.en_GB.txt 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\1033\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\tet\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\dialogs\error_window.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\misc\libexport_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\directshowtap.ax 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0341738.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH01931J.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21520_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_divider_right.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Moncton 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PPINTL.REST.IDX_DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\pa\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Internet Explorer\pdm.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\hwrcommonlm.dat 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Whitehorse 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.browser.zh_CN_5.5.0.165303.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-api_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Full\NavigationUp_ButtonGraphic.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\rmiregistry.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Flow.eftx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\GIFT.DPV 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-keyring-impl_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\axvlc.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libadjust_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD14844_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MAPISHELLR.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\OOFL.ICO 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Stationery\1033\OFFISUPP.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\EDGE\EDGE.INF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\photoedge_videoinset.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\org-netbeans-modules-print.xml_hidden 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0215070.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\UrbanMergeFax.Dotx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\WMPMediaSharing.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\en-US\css\weather.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.engine\profileRegistry\JMC.profile\.lock 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\feedback.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD14845_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\POSTIT.CFG 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\wlsrvc.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\DEEPBLUE\THMBNAIL.PNG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18189_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\CLVWINTL.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\STS2\HEADER.GIF 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\plugins\d3d11\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\{AC76BA86-7AD7-1033-7B44-A90000000001}\AcroRead.msi 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Push\push_title.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Volgograd 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\THIRDPARTYLICENSEREADME.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\ICE\THMBNAIL.PNG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0387578.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01158_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01842_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Apex.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\icon.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\ado\en-US\msader15.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\ModuleAutoDeps\org-openide-util.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-keyring-fallback.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02276_.WMF 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\en-US\css\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_foggy.png 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Proof.fr\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\org-netbeans-lib-uihandler.xml_hidden 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0318810.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\next_rest.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\WEBHOME.POC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\pingsender.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libdmo_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\cronometer_h.png 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\tr-TR\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\BLUEPRNT\PREVIEW.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\mainscroll.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT-2 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-first-quarter.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBTRAP.DLL 700a1s0ssssd7da.exe File created C:\Program Files\Mozilla Firefox\uninstall\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\FAX\MedianFax.Dotx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\requests\status.json 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\unpack200.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Moscow 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Funafuti 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR13F.GIF 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Help\1036\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_no.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\16_9-frame-background.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\16_9-frame-image-mask.png 700a1s0ssssd7da.exe File created C:\Program Files\Windows Journal\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\Gadget_Star_Empty.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\js\calendar.js 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\square_h.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH03041I.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Casual.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ADVTEL.DIC 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\km\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PROOF\MSTH7EN.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\FOLDPROJ.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\Events.accdt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_ko.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\IPSEventLogMsg.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Santa_Isabel 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\TN00253_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR16F.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\OUTFORM.DAT 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\rss_headline_glow_floating.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\{AC76BA86-7AD7-1033-7B44-A90000000001}\abcpy.ini 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.IdentityModel.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Tokyo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\CG1606.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0217302.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0296277.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\OUTLPERF.INI 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\CreateSpaceImageMask.bmp 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGATNGET.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\favicon.ico 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Thunder_Bay 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.model.workbench.nl_ja_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0090087.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\ACCESS12.ACC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBBA\MSPUB3A.BDR 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGPQUOT.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\id\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\Interface.zip 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\zh-phonetic.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.help_2.0.102.v20141007-2301\feature.properties 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\IN00351_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL002.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\27.png 700a1s0ssssd7da.exe File created C:\Program Files\Mozilla Firefox\browser\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libstl_plugin.dll 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Legal\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\settings.html 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\OUTLBAR.INF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveDocumentReview\MarkupIconImagesMask.bmp 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\ERROR.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-util-enumerations.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD15185_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_output\libafile_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\gui\libqt_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\en-US\wmpnssci.dll.mui 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Microsoft Analysis Services\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\STSUPLD.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\WATER\WATER.INF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\ONINTL.REST.IDX_DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR27F.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\LETTHEAD.XML 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\BrightYellow\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\kn\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\zh_CN\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Journal\jnwdui.dll 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Outlook.en-us\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO01044_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR38F.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\WINWORD.HXS 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Legal\ENU\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\PFM\zy______.pfm 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\BCSClientManifest.man 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CONVERT\ODBC.SAM 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AdobeCollabSync.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\turnOnNotificationInTray.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\et.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\el-GR\tipresx.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-explorer.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AG00130_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Newsprint.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\SETLANG_F_COL.HXK 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL083.XML 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\lua\modules\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Riga 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_ja_4.4.0.v20140623020002\feature.properties 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-core-multiview.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BD09194_.WMF 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Defender\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\pipanel.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.IdentityModel.Selectors.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_single_bkg_orange.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\ms.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ecf_3.4.0.v20140827-1444.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.updatechecker_1.1.200.v20131119-0908.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\wmplayer.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACEODTXT.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01039_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD00382_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\NPSWF32.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\FAX\UrbanFax.Dotx 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\is\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\ro\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00242_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107300.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Bibliography\Style\CHICAGO.XSL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\button_right_over.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR43B.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\PresentationFramework.Aero.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.IdentityModel.Selectors.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\diner_h.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.rcp_4.4.0.v20141007-2301\META-INF\MANIFEST.MF 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\lib\deployed\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BD00173_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUB6INTL.REST.IDX_DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Media Player\Media Renderer\DMR_120.png 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.rcp.feature_1.2.0.v20140523-0116\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN02724_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18226_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\mscss7fr.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\42.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Jayapura 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.touchpoint.natives.nl_ja_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\J0143752.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\PROG98.POC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\org-netbeans-modules-profiler-selector-api.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0227558.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\browser\features\[email protected] 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\SLATE\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21335_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Synchronization Services\ADO.NET\v1.0\Microsoft.Synchronization.Data.Server.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\uninstall.log 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099166.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0285782.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\Calendar\CalendarViewButtonImages.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\default_thumb.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH03011U.BMP 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00191_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\TN01308_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\vignettemask25.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\etc\visualvm.conf 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-options.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099160.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE00485_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\EXLIRM.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\AlertImage_ContactHighMask.bmp 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBBA\MSPUB5A.BDR 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\en-US\css\settings.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Kolkata 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00932_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0318804.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.COM.SG.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\engphon.env 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Peacock.jpg 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\oc\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\js\settings.js 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\redStateIcon.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_rainy.png 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\Adobe\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Panama 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Riyadh87 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0187423.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21434_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Stars.htm 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Tiki.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\mai\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libzvbi_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Music.emf 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH00057_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\bg_LightSpirit.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\ENV98.POC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02124_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyNotesBackground.wmv 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\header-background.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\orbd.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0145168.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.reconciler.dropins.nl_zh_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\ENVELOPR.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\af\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_box_bottom.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\bg_FormsHomePage.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGLINACC.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Spelling.api 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\css\calendar.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\sq.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01793_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD01657_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Origin.xml 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\pt_PT\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_box_divider_left.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Cartridges\sql90.xsl 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\security\cacerts 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\NL7MODELS000A.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OSPP.VBS 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\STORYBB.POC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD00117_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\SEQCHK10.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\NavigationRight_ButtonGraphic.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\TravelIntroToMain_PAL.wmv 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Slate.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\glow.png 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Help\1046\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD10289_.GIF 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\Certificates\groove.net\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\NotifierUpArrow.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\novelty_dot.png 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\te\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libaccess_realrtsp_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\Locales\ta.pak 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\HWRCustomization\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipssve.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0216858.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DOTS.POC 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\32.png 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\it-IT\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD00438_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MSODCW.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.en_GB_EURO.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21343_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGMN086.XML 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\Packages\Debugger\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Microsoft Visual Studio 8\VSTA\Bin\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Smart Tag\FPLACE.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\decorative_rule.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\ssvagent.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0101865.BMP 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\EQUATION\EQNEDT32.CNT 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\deploy\messages_de.properties 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\en-US\js\highDpiImageSwap.js 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\Sounds\Things\WHOOSH.WAV 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Desert\TAB_ON.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libmft_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\add_over.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\FREN\MSB1FREN.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-lib-profiler-common_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\org-netbeans-core-io-ui.xml_hidden 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-heapdump.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BS00145_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0196060.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\TN00011_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\ONENOTE_F_COL.HXK 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Peacock.htm 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\include\jvmti.h 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\cmm\PYCC.pf 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.views_3.7.0.v20140408-0703.jar 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\zh_CN\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\icudtl.dat 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\msvcp140.dll 700a1s0ssssd7da.exe File created C:\Program Files\Windows Media Player\en-US\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Journal\NBMapTIP.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\MSInfo\msinfo32.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Push\NavigationRight_ButtonGraphic.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\mc.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Chihuahua 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18200_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\STSUPLD.INTL.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libkate_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Internet Explorer\DiagnosticsHub.DataWarehouse.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Taipei 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Swirl.css 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\as_IN\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\brx\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Journal\en-US\PDIALOG.exe.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ja-JP\tipresx.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSO.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\TN00234_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\button_left_disable.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\SoftBlue\background.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\d3d9\libdirect3d9_filters_plugin.dll 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\cmm\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\META-INF\eclipse.inf 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18219_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\DISTLSTL.ICO 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGMN054.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\custom.lua 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Optional\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\orbd.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-1 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-keyring.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Indian\Kerguelen 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0382926.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Equity.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\bg_OliveGreen.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Stationery\1033\OFFISUPP.HTM 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\sa.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Dot.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.css.core.nl_ja_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-core-kit.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libspeex_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\InfoPathOM\InfoPathOMFormServices\Microsoft.Office.InfoPath.xml 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\VSTO\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\NavigationLeft_SelectionSubpicture.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152898.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SPACE_01.MID 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR40F.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01361_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\WEBPAGE.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Icons\PDFFile_8.ico 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\hwruklm.dat 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\NavigationUp_SelectionSubpicture.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\North_Dakota\New_Salem 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0297759.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0292272.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02009_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\HxRuntime.HxS 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_gray_few-showers.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\msadc\msadcor.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\flower_trans_MATTE_PAL.wmv 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0153508.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0239955.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Istanbul 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0151055.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Beige.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Solutions\Person.gif 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\JOURNAL\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\hprof.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.ecore_2.10.1.v20140901-1043\feature.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Havana 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR25F.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\ACTIVITL.ICO 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\Media Renderer\DMR_120.jpg 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\120DPI\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\plugins\lua\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libextract_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\FRAR\MSB1FRAR.ITS 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-swing-tabcontrol_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00238_.WMF 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\ADDINS\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\ink\1.7\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\msdaer.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\Ole DB\oledb32.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PROOF\MSHY7ES.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_rtp_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libblend_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\oledb32.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Boise 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\CLASSIC1.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\QUERIES\MSN MoneyCentral Investor Currency Rates.iqy 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\playlist\youtube.luac 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\drag.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\ky.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\bg-BG\tipresx.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\javaws.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Bibliography\Style\MLA.XSL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL096.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\librtpvideo_plugin.dll 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Google\Temp\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\LEVEL\PREVIEW.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\alt-rt.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\ONENOTE_COL.HXC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.COM.AR.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\penusa.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\ImportEnable.lock 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105526.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\rss_headline_glow_docked.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\blank.png 700a1s0ssssd7da.exe File created C:\Program Files\Windows Media Player\Icons\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\timer_over.png 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.common_2.10.1.v20140901-1043\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-autoupdate-services_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Metro.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\BrightYellow\HEADER.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0157177.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\TASKDECL.ICO 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\SUBMIT.JS 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MEDCAT.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\TipRes.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Smart Tag\LISTS\1033\TIME.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-javahelp.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\security\US_export_policy.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\Locales\fil.pak 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_corner_bottom_right.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\ado\msado25.tlb 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-loaders_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AG00165_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\dt_shmem.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0239941.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14795_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\PresentationBuildTasks.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\com.jrockit.mc.rjmx.attributeTransformation.exsd 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0101858.BMP 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\bn_IN\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-first-quarter.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Data.Entity.Design.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Lagos 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PSRCHLTS.DAT 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBWZINT.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\AddToViewArrowMask.bmp 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Bibliography\Style\APA.XSL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\MS.EPS 700a1s0ssssd7da.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00262_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21339_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_gray_hail.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\digest.s 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\NavigationLeft_SelectionSubpicture.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.common_2.10.1.v20140901-1043\META-INF\MANIFEST.MF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\triggerActions.exsd 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-icons_222222_256x240.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14565_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\SECREC.CFG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Swirl\tab_off.gif 700a1s0ssssd7da.exe File created C:\Program Files\Mozilla Firefox\gmp-clearkey\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\zh-changjei.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipscsy.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Indian\Cocos 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152600.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Defender\MpRTP.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-full.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\highlight.png 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\on_desktop\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Printing.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\ext\dnsns.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.core_2.3.0.v20131211-1531.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.help.webapp_3.6.300.v20140407-1855.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\fonts\LucidaBrightItalic.ttf 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00656_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\REPORTS.ICO 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\Sounds\Places\TOOT.WAV 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolIcons\StatusAway.ico 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\Help\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\MSB1CORE.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Hobart 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.garbagecollector_1.0.200.v20131115-1210.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libnoseek_plugin.dll 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\WATER\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\com.jrockit.mc.rjmx.syntheticattribute.exsd 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0148309.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\icon.png 700a1s0ssssd7da.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Full\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0185774.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\ReachFramework.dll 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\nl\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099198.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR28B.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libpva_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\46.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\scene_button_style_default_Thumbnail.bmp 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\include\win32\bridge\AccessBridgeCallbacks.h 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-11 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-keyring-fallback_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\VisualElements\LogoBeta.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\TipTsf.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\BrightYellow\TAB_OFF.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\win\CP1252.TXT 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\OWSHLP10.CHM 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Indiana\Marengo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Magadan 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\CUPINST.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099203.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Proof.en\Proof.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\Parity.fx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.commands_5.5.0.165303.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Barbados 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\weblink.api 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00932_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02567J.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\form_edit.js 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.COM.TW.XML 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\SubsetList\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\TextConv\en-US\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Ojinaga 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\Discussion\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\BROCHURE.DPV 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Civic.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR42F.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\GFX.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\hrtfs\dodeca_and_7channel_3DSL_HRTF.sofa 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\MSInfo\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\7zFM.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\IN00204_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0200273.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\images\dialdot.png 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Help\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Google\Update\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\msdatl3.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\1033\hxdsui.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\en-US\sqloledb.rll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Blue_Gradient.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD21495_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\GREETING.DPV 700a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\CHECKBOX.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_ur.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_search_down.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\203x8subpicture.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-editor-mimelookup_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0287408.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\BabyBlue.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0293844.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\msdaorar.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\AppConfig.zip 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_thunderstorm.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\bn.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_btn-previous-static.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\eula.dll 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\core\core.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\JdbcOdbc.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10298_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolIcons\INCOMING.ICO 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02388_.WMF 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\tl\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\prev_hov.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Internet Explorer\iexplore.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\core\locale\core_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-text_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-filesystems.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\STS2\background.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\TexturedBlue.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-autoupdate-ui_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH01058_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00768_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsHomePageStyle.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\divider-horizontal.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-core-execution.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0304405.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Microsoft.SharePoint.BusinessData.Administration.Client.dll 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\fi\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AG00129_.GIF 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\pa\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libswscale_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\combo-hover-right.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DisableEdit.bmp 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\META-INF\eclipse.inf 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jetty.io_8.1.14.v20131031.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-autoupdate-cli.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\en-US\css\cpu.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\fi.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\MSBuild\Microsoft\Windows Workflow Foundation\v3.5\Workflow.Targets 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Stationery\1033\SEAMARBL.HTM 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Pangnirtung 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107426.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0177806.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsVersion1Warning.htm 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\ext\sunec.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107314.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Media Player\wmplayer.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\en-US\js\localizedStrings.js 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18208_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\IEAWSDC.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\1047x576black.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4_default_win7.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099204.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Thatch.eftx 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01293_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107154.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\J0115864.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\misc\libaddonsvorepository_plugin.dll 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\META-INF\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\locale\boot_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\logging.properties 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0106572.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME06.CSS 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PROOF\MSHY7FR.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Garden.htm 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_sv.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Smart Tag\IMCONTACT.DLL 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\fonts\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.model.workbench.nl_zh_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\ONELEV.EXE 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Stationery\1033\TECHTOOL.HTM 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\bPrev-down.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\mng2.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-spi-actions.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\org-netbeans-modules-profiler-selector-ui.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0216112.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\Locales\fr.pak 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-utilities_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\EXCEL.HXS 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Microsoft.BusinessData.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Journal\en-US\MSPVWCTL.DLL.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\CERT98SP.POC 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\nn\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libsdp_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libtransform_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107544.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ADDINS\MSOSEC.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\SCDREQL.ICO 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolIcons\OnLineBusy.ico 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Defender\MSASCui.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\en-US\MSTTSFrontendENU.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21344_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libremap_plugin.dll 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\plugins\services_discovery\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\ZX______.PFB 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Paris 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00389_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE00468_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME32.CSS 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00396_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15019_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME26.CSS 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\NavigationRight_ButtonGraphic.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\wsdetect.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Choibalsan 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BABY_01.MID 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\RSPMECH.POC 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\lib\jfluid-server-15.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\TN00014_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18216_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GROOVE_COL.HXT 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00453_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\button_left.gif 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\plugins\audio_output\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Mail\msoe.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\AXIS\PREVIEW.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\bookicon.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\feedbck2.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01848_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\modern_settings.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Copenhagen 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01069_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\TN00687_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\BCSStr32.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107708.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0341328.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00941_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.NO.XML 700a1s0ssssd7da.exe File created C:\Program Files\Java\jre7\lib\cmm\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BS00439_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18207_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_output\libdirectsound_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\ACTIP10.HLP 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Oasis\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGAD.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\curl.png 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\hr-HR\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\icons\date-span-16.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-io_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\org-openide-compat.xml_hidden 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\1036\hxdsui.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\ado\msador15.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Simferopol 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD00437_.WMF 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\lua\intf\modules\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\adcvbs.inc 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\button-overlay.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\policytool.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AG00174_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0187859.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\GrayCheck\HEADER.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PROTTPLV.DOC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\EssentialResume.dotx 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdate.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0188669.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD21325_.GIF 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\ach\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libmpgv_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGMARQ.DPV 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\css\settings.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Kentucky\Louisville 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.osgi.nl_ja_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Paper.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\QuestionIconMask.bmp 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.e4.rcp_1.3.100.v20141007-2033\feature.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0341653.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\SMIMES.CFG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MSPUB.TLB 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\AST4 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\ext\zipfs.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0187825.WMF 700a1s0ssssd7da.exe File created C:\Program Files (x86)\MSBuild\Microsoft\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Desktop.ini 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\shuffle_over.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.help.nl_zh_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\jpeg.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL044.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\images\back_lrg.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\1047x576black.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0145361.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\UndoSwitch.ps1 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\Module.zip 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN04195_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01748_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\OUTLOOK.DEV_K_COL.HXK 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Windows.Presentation.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Proofing.en-us\SETUP.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\16_9-frame-highlight.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Maputo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-modules-appui_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-full.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Internet Explorer\en-US\F12Tools.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Africa\Ndjamena 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Pushpin.eftx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21422_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSO.ACL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\mip.exe.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Indian\Maldives 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench3.nl_ja_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\mlib_image.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR37F.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\WebToolIconImages.jpg 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Sync Framework\v1.0\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_sk.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\default-browser-agent.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\PDFSigQFormalRep.pdf 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00452_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02757U.BMP 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\MENU98.POC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\NEWS98.POC 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Peacock.htm 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\images\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_hail.png 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\SpeechEngines\Microsoft\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\en-US\DVDMaker.exe.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-api-progress.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MSO0127.ACL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\modules\simplexml.luac 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi422_yuy2_sse2_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\swiftshader\libEGL.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0153518.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME20.CSS 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MSTORDB.EXE 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Stationery\1033\TECHTOOL.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libwav_plugin.dll 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\js\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\en-US\boxed-join.avi 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Jakarta 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsBrowserUpgrade.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.COM.VN.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-host-views_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\utilityfunctions.js 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\js\settings.js 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\AXIS\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\EXPSRV.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Full\NavigationLeft_ButtonGraphic.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\javaws.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\10.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\CGMIMP32.CFG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\BLENDS\BLENDS.INF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\SAVE.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MSOCFUIUTILITIESDLL.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Auckland 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\ONINTL.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\TEXTBOX.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\PresentationFramework.Luna.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.engine\profileRegistry\JMC.profile\1423861261279.profile.gz 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.text.nl_ja_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\jabswitch.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Fortaleza 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\SubsetList\Client.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0387882.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\OIS_K_COL.HXK 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\Sounds\Things\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libadaptive_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Urumqi 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\topnav.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Zurich 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0188667.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\SendMail.api 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\vlc.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Choibalsan 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rcp.intro_5.5.0.165303.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\org-openide-util.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_rgb_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\ps.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FORM.ICO 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Office Classic 2.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\WSSFilesToolIconImages.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\BabyBlue\BUTTON.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MEDIA\ARROW.WAV 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.browser.attach.ja_5.5.0.165303.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.core.services_1.2.1.v20140808-1251.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02093_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-first-quarter_partly-cloudy.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\1028\hxdsui.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\oisctrl.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21301_.GIF 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Stationery\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\sq\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\ado\msado20.tlb 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\configuration\org.eclipse.equinox.simpleconfigurator\bundles.info 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0186362.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Adjacency.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SY01253_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\QuickStyles\Newsprint.dotx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\tet\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Core.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\currency.data 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Paris 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Vienna 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH01239K.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\divider-vertical.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_zh-TW.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\en-US\css\weather.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\La_Paz 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH01461_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01126_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MEDIA\CAMERA.WAV 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\pt_BR\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\divider-horizontal.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Kiev 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD01074_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE02285_.WMF 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\hr\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME12.CSS 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\GKExcel.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsPrintTemplate.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\VVIEWER.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\META-INF\ECLIPSE_.SF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Kaliningrad 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Median.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18185_.WMF 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\IDTemplates\ENU\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\Locales\ru.pak 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\triggerConstraints.exsd 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0286034.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\Shared16x16Images.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\THOCRAPI.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\js\picturePuzzle.js 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Smart Tag\LISTS\BASMLA.XSL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\COMPASS\COMPASS.ELM 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\JAVA_01.MID 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH01247U.BMP 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-uihandler.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BS00445_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\misc\libaudioscrobbler_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\drag.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\lij.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Internet Explorer\sqmapi.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\preface.htm 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.win32.win32.x86_64_1.1.200.v20141007-2033\launcher.win32.win32.x86_64.properties 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\Locales\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\4.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\servertool.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01064_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OUTLVBS.DLL 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\mr\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\softokn3.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\requests\vlm_cmd.xml 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\fi-FI\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15277_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR47B.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR47B.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Apia 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01246_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MEDIA\PUSH.WAV 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\css\main.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR10F.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\rtf_alignright.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\win\CP1257.TXT 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\7z.sfx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\RIPPLE\RIPPLE.ELM 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Antarctica\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-keyring-fallback_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\CERT98.POC 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\brx\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\tl.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\DW\DW20.EXE 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Full\full.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.swt_0.12.100.v20140530-1436.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0237228.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyNotesBackground_PAL.wmv 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\include\win32\bridge\AccessBridgeCalls.h 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\server\jvm.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\novelty.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\square_settings.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Annotations\Stamps\ENU\StandardBusiness.pdf 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Internet Explorer\IEShims.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Dili 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_mixer\libfloat_mixer_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libsubsusf_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOInstallerUI.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.updatechecker.nl_zh_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\LOGO98.POC 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\drag.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\CMap\Identity-H 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\SpecialNavigationUp_ButtonGraphic.png 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Lime\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\background.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\5.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AG00170_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\WB02106_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Cartridges\as80.xsl 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21294_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\rtf_decreaseindent.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MSCOL11.INF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.publisher.eclipse.nl_zh_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-core-kit_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Samarkand 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00299_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\1.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office.en-us\OfficeMUISet.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Costa_Rica 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\J0115855.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolIcons\SpaceSelector.ico 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Web Server Extensions\14\BIN\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\1042\hxdsui.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\AssemblyInfoInternal.zip 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\LEVEL\LEVEL.ELM 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099184.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\xul.dll.sig 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_mpeg4video_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\BREEZE\THMBNAIL.PNG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jsadebugd.exe 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\plugins\audio_filter\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\BrightOrange\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Sync Framework\v1.0\Runtime\x64\Microsoft.Synchronization.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libscene_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\IACOM2.DLL 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\db\lib\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jhat.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\SystemV\CST6CDT 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0234687.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\Form_StatusImage.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\combo-hover-left.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Pine_Lumber.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\EDGE\PREVIEW.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-masterfs-nio2_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00809_.WMF 700a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\en-US\js\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libfreeze_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\button_left_mouseout.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\SY______.PFB 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\META-INF\eclipse.inf 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4_basestyle.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099199.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\STSLIST.CHM 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\desktop.ini 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\Network Sharing\wmpnss_color48.bmp 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\sysinfo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Norfolk 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\chrome_watcher.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\include\jvmticmlr.h 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Kwajalein 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0151581.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_ja.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\sk-SK\tipresx.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.simpleconfigurator.nl_ja_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Africa\Cairo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\15.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Stucco.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105292.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH01236U.BMP 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\UIAutomationClient.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\InkDiv.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Small_News.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\J0143746.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15021_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\ONENOTE.HXS 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\blank.png 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\SpringGreen\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\InfoPathOM\InfoPathOMFormServices\InfoPathOMFormServicesV12\Microsoft.Office.Infopath.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\WidescreenPresentation.potx 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\images\add_up.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\1.0\Microsoft.Ink.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.ServiceModel.Web.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.rcp.ja_5.5.0.165303\feature.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Kentucky\Louisville 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0382969.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\BabyBlue.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Nicosia 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL092.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\mset7tkjp.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL016.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBBA\MSPUB2A.BDR 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\yo.txt 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\db\bin\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\EXCEL.DEV_COL.HXC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ACCVDT.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\CollectSignatures_Init.xsn 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Oasis\TAB_ON.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\Sounds\People\COUGH.WAV 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_gray_foggy.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\jsdt.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Kiev 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH01015_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\J0115841.GIF 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Photo Viewer\en-US\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\CommsOutgoingImageSmall.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\ProjectTool\Project Report Type\Basic\DEFAULT.XSL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\PROGRAM.DPV 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libyuvp_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Guatemala 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE02265_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18180_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15056_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\6.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN03500_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01852_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\adcjavas.inc 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\Locales\sr.pak 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\ij.bat 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\ext\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02025_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Newsprint.eftx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\BCSProxy.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\INFOPATH.EXE 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Journal\Templates\blank.jtp 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACEWDAT.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\BLENDS\PREVIEW.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Porto_Velho 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-host.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\TextConv\RECOVR32.CNV 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Asuncion 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows NT\TableTextService\TableTextServiceArray.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\system_m.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Scoresbysund 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0212219.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\next_down.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\alertIcon.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\CircleSubpicture.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Krasnoyarsk 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\nbexec.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-core.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02371_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\SAEXT.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\7zG.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Caracas 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\lib\gimap.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099147.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN04108_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Microsoft.Office.BusinessApplications.Runtime.xml 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Templates\1033\Access\WSS\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\firefox.VisualElementsManifest.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\icudt36.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\tt.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.net.nl_zh_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME34.CSS 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\TipsImage.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\babyblue.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jabswitch.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\SystemV\HST10 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GROOVE_F_COL.HXK 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.update.configurator.nl_ja_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\IPOLKINTL.DLL 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\Sounds\People\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_copy_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\wlsrvc.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\bPrev-disable.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\feature.properties 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-core.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105490.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\AdjacencyResume.dotx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\BCSSync.exe 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\zh_TW\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_box_right.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\QP.DPV 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libaes3_plugin.dll 700a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\css\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\add_reviewer.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\7-zip.chm 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02444_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\bg_Premium.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR10F.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\libEGL.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_double_orange.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Memo.emf 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\NavigationUp_ButtonGraphic.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\OUTDR_01.MID 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\AddInSideAdapters\Microsoft.VisualStudio.Tools.Applications.AddInAdapter.v10.0.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0217262.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0341559.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\MessageAttachmentIconImagesMask.bmp 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\CAPSULES\CAPSULES.ELM 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\shatter.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\net.properties 700a1s0ssssd7da.exe File created C:\Program Files\Java\jre7\lib\ext\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\SpringGreen\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\14\BIN\1033\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\System\MSMAPI\1033\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Internet Explorer\Timeline.cpu.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Martinique 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0313896.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\BlackTieMergeLetter.dotx 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\SUMIPNTG\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\MSB1STAR.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.nl_zh_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-text_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\forms_super.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\RedistList\FrameworkList.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACEEXCH.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-openide-windows.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18217_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CONVERT\ACT3.SAM 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0382947.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_mpegvideo_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-new.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\bandwidth.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\SpecialNavigationLeft_SelectionSubpicture.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Jamaica 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Oslo 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\System\msadc\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\Source Engine\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Push\pushplaysubpicture.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0252629.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21298_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_pl.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Lima 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Australia\Melbourne 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libdvdnav_plugin.dll 700a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libtheora_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libes_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\msdaenum.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0185834.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0341534.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00058_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\OOFS.ICO 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107748.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Biscay\TAB_ON.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\COPYRIGHT 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Rangoon 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099149.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099157.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\IRIS\IRIS.ELM 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\SLATE\THMBNAIL.PNG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\STS2\HEADER.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\alertIcon.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-12 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0232393.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR51F.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Icons\APIFile_8.ico 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0211981.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ACCWIZ\ACWZMAIN.ACCDE 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\cs\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGLOGO.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libmotiondetect_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\Green Bubbles.htm 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages_zh_TW.properties 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\plugin.properties 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD02141_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Macau 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT+11 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0101861.BMP 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\en-US\WMPDMC.exe.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Indian\Christmas 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.registry_3.5.400.v20140428-1507.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-explorer_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\base-undocked-4.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\47.png 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\ne\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\is.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\ESEN\MSB1ESEN.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0400003.PNG 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\ne\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOMessageProvider.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\SystemV\EST5 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Desert\HEADER.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\SETLANG_K_COL.HXK 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Bibliography\Style\GB.XSL 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\HostSideAdapters\Microsoft.VisualStudio.Tools.Office.Excel.HostAdapter.v10.0.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\en-US\sbdrop.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\MET 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\toc.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\WB02082_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsHomePage.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_splitter\libwall_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.directorywatcher.nl_ja_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-api-caching.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD14710_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR7B.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGMN027.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\mux\libmux_avi_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\booklist.gif 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\j2pcsc.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ACCWIZ\ACWZUSR12.ACCDU 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Africa\Accra 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BS01634_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0287019.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14757_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\TextConv\Wks9Pxy.cnv 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_btn-previous-over-select.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-openide-actions.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-spi-actions_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21364_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\BrightOrange\BUTTON.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\api-ms-win-core-timezone-l1-1-0.dll 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Help\1041\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\feature.properties 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BD07804_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\SpeechEngines\Microsoft\TTS20\en-US\enu-dsk\M1033DSK.APL 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\Locales\te.pak 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\Installer\setup.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\ado\msado20.tlb 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Antarctica\Casey 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Essential.eftx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0335112.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\120DPI\(120DPI)alertIcon.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\AssemblyInfoInternal.zip 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0198016.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\AlertImage_ContactHigh.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MORPH9.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\ka\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\ReviewRouting_Init.xsn 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\plugin-hang-ui.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waning-gibbous_partly-cloudy.png 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\lib\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jface.databinding.nl_ja_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH03425I.JPG 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Chuuk 700a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libsepia_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\notConnectedStateIcon.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\7z.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Brunei 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\META-INF\MANIFEST.MF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Kabul 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10337_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libsmf_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\pt.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\olh001.htm 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0301052.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Office Classic.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\AlertImage_HighMask.bmp 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_snow.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Adobe\zdingbat.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\HostSideAdapters\Microsoft.VisualStudio.Tools.Office.Word.HostAdapter.v10.0.dll 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\EDGE\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\org-netbeans-core-output2.xml_hidden 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0382970.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0217698.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Media Player\Media Renderer\avtransport.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\10.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH01759_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0241077.WMF 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\MEDIA\OFFICE14\1033\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\buttonUp_Off.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\POWERPNT.DEV_COL.HXC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MEDIA\APPLAUSE.WAV 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libgradient_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_sw.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\ko-kr.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACEOLEDB.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\java.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-util-enumerations.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0341636.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0293240.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GRAPH_COL.HXT 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\bg_Casual.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Notes_INTRO_BG_PAL.wmv 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.services.nl_ja_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\kcms.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BD05119_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\tpcps.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-editor-mimelookup-impl_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02750U.BMP 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\44.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\NavigationUp_ButtonGraphic.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0145904.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00641_.WMF 700a1s0ssssd7da.exe File created C:\Program Files\Reference Assemblies\Microsoft\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00330_.WMF 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\ms\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_gray_rainy.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_gray_thunderstorm.png 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Google\Policies\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\OLKFSTUB.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\images\dial_lrg_sml.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01421_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Couture.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libfilesystem_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_output\libvdummy_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107288.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0175361.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\BREAK.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0387895.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GRAPH_K_COL.HXK 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FieldTypePreview\HEADING.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\liboldmovie_plugin.dll 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\PowerPoint.en-us\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_specialocc_Thumbnail.bmp 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Bahia 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Bogota 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows NT\TableTextService\TableTextServiceYi.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\msdaps.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\NETWORK\NETWORK.INF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-utilities_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0382965.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\rtf_center.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-new_partly-cloudy.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AG00175_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0212601.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME25.CSS 700a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\powerpnt.exe.manifest 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\freebl3.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Mail\en-US\WinMail.exe.mui 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\zh-CN\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.net.nl_ja_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0387604.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MSACCESS.EXE 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\brt.fca 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\WindowsAccessBridge-64.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Winnipeg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGMASTHD.DPV 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waning-crescent_partly-cloudy.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18214_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\SoftBlue.css 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Americana\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\BIZCARD.XML 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\System\MSMAPI\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152716.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0241019.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\DataType\Category.accft 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AdobeLinguistic.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0212299.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR7F.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsVersion1Warning.htm 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Desert\TAB_OFF.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\ProjectStatusIconsMask.bmp 700a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\bookbig.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.ui.zh_CN_5.5.0.165303.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN04384_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18255_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\Mac\CYRILLIC.TXT 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\{AC76BA86-7AD7-1033-7B44-A90000000001}\setup.ini 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\NavigationLeft_ButtonGraphic.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0199465.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PAPER_01.MID 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\settings.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.JP.XML 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\br\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\id\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\MSInfo\en-US\msinfo32.exe.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.preferences_3.5.200.v20140224-1527.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\TR00172_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\OIS.HXS 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\VIEW.ICO 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BD10890_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Foundry.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\RTF_BOLD.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\eu\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152556.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00391_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR26F.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\button_right_over.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\api-ms-win-crt-locale-l1-1-0.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\images\cursors\cursors.properties 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152432.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14693_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21302_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_single_orange.png 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\REFINED\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN00790_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10255_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10263_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\3.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\CLIP.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0090089.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0196354.WMF 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\plugins\access_output\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CONVERT\1033\TRANSMRR.DLL 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\InfoPath.en-us\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Regina 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01146_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00212_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libaribsub_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\atl.dll 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0293234.WMF 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\XLSTART\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\MedianResume.Dotx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\SpeechEngines\Microsoft\TTS20\en-US\MSTTSFrontendENU.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.http.servlet_1.1.500.v20140318-1755.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes.nl_zh_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Biscay\TAB_ON.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099151.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01354_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\OneNote.en-us\SETUP.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\PassportMask.wmv 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Asuncion 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-io.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14866_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\NotifierWindowMask.bmp 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\CommsOutgoingImageMask.bmp 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\SlideShow.Gadget\images\on_desktop\slideshow_glass_frame.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Belem 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-windows.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01304G.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01747_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\rtf_spellcheck.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\INFOPATH_COL.HXC 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\Certificates\Verisign\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\defaults\pref\channel-prefs.js 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-core_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0285792.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01243_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\bPrev-hot.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\JP2KLib.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins3d\prc\MyriadCAD.otf 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\en-US\weather.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\osppobjs-spp-plugin-manifest-signed.xrm-ms 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Africa\Tripoli 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\BrightOrange\button.gif 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\lua\extensions\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\fa\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libmono_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\cronometer_s.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\stop_collection_data.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\hr-HR\tipresx.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\WMM2CLIP.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\BrightYellow\HEADER.GIF 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\bg\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Apex.eftx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\intf\luac.luac 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Acrofx32.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jface.text.nl_zh_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\update_tracking\org-netbeans-modules-profiler-utilities.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH02282_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01740_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGMN010.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00122_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107328.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107730.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsHomePageStyle.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\shuffle_up.png 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\SATIN\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Tongatapu 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00530_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\services_discovery\libwindrive_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0285808.WMF 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\MEDIA\OFFICE14\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\DataListIconImages.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\11.png 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\RIPPLE\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Accra 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\bod_r.TTF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0215718.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-bg_glass_100_fdf5ce_1x400.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_delay_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0382836.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH03014_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\AlertImage_High.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\MSTHED98.POC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\en-US\css\localizedSettings.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.ComponentModel.DataAnnotations.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipsrus.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\PAPYRUS\THMBNAIL.PNG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0341654.JPG 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_es_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Defender\MpOAV.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\index.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR17F.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\SoftBlue\background.gif 700a1s0ssssd7da.exe File created C:\Program Files\Windows Media Player\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\tzmappings 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft SQL Server Compact Edition\v3.5\Desktop\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\en-US\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\Part\2 Right.accdt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\js\picturePuzzle.js 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe\Updater6\AdobeAUM_rootCert.cer 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Scenes_LOOP_BG.wmv 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\META-INF\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\THIRDPARTYLICENSEREADME-JAVAFX.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\REVERSE.DLL 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\BLUEPRNT\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Manaus 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Mail\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Services\verisign.bmp 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Title_Trans_Scene_PAL.wmv 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.commons.logging_1.1.1.v201101211721.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21300_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waning-gibbous.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0198022.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02790_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Oriel.xml 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\FORMS\1033\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\lgpllibs.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libgaussianblur_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\3.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\images\rings-desk.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.ecore_2.10.1.v20140901-1043\epl-v10.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0384900.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\TN01165_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0222019.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MUOPTIN.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Smart Tag\SmartTagInstall.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD21308_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\api-ms-win-core-file-l2-1-0.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\an.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.addons.swt.nl_ja_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0178348.JPG 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\Welcome Tool\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152702.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0215710.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\Invite or Link.one 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PROOF\MSHY7EN.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1033\ALRTINTL.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\ext\sunec.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-coredump_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107742.WMF 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Templates\Presentation Designs\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\text_renderer\libtdummy_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\modern_dot.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSORES.DLL 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.engine\profileRegistry\JMC.profile\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\feature.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02617_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\item_hover_flyout.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Hong_Kong 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\InkObj.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\flower_settings.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN04191_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01171_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\VDK10.STD 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\js\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1036\MSO.ACL 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\server_ok.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.ui.ja_5.5.0.165303.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105234.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\OCEAN_01.MID 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Clarity.eftx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD00414_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\J0115875.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSPUB_COL.HXC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\CommsOutgoingImageMaskSmall.bmp 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\DW\DBGHELP.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.rcp_5.5.0.165303\feature.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-api-search.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Santo_Domingo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PROOF\MSSP7EN.LEX 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.AddIn.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\NavigationLeft_ButtonGraphic.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\default_apps\youtube.crx 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Media Player\wmpenc.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107130.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libd3d11va_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\trad_s.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\tile_drop_shadow.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Bahia_Banderas 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Pacific\Tarawa 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\ApothecaryMergeLetter.dotx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_gray_snow.png 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\VBA\VBA7\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Currie 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.bidi_0.10.0.v20130327-1442.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-execution.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waxing-gibbous_partly-cloudy.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Multimedia.api 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Icons\FDFFile_8.ico 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\Title_mainImage-mask.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Rangoon 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02368_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGNAVBAR.DPV 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Bougainville 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\SCDREQS.ICO 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\NAMEEXT.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\BlackTieLetter.dotx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_double_orange.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_right_disabled.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\scenesscroll.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\La_Rioja 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-progress-ui.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Tallinn 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\VBA\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-swing-outline.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Bibliography\Sort\TAG.XSL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\NavigationRight_SelectionSubpicture.png 700a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\diner_m.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\IPIRMV.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\modules\dkjson.luac 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libt140_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\en-US\Sidebar.exe.mui 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Application Installer.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Black Tie.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME54.CSS 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\Assets.accdt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\ucrtbase.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsBlankPage.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\RSWOP.ICM 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\sd\jamendo.luac 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\base.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Los_Angeles 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Simferopol 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152608.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\sk.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\WB02077_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\IPIRM.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\JAWTAccessBridge-64.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0188587.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\SIGNS.ICO 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_left_disabled.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Honolulu 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01368_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME49.CSS 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Library\SOLVER\SOLVER.XLAM 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\http\vlm.html 700a1s0ssssd7da.exe File created C:\Program Files\Windows Mail\en-US\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\CourierStd-Oblique.otf 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\SoftBlue.jpg 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\PROOF\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0237225.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\FormsPreviewTemplateRTL.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Stationery\1033\PINELUMB.HTM 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-waxing-gibbous_partly-cloudy.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroPDF.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Darwin 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\THIRDPARTYLICENSEREADME.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BS00442_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR23F.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PROOF\3082\MSGR3ES.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\Network Sharing\wmpnss_bw48.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\pack200.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\APPTS.ICO 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows NT\TableTextService\TableTextServiceSimplifiedShuangPin.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BS00100_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107502.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18233_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\Locales\tr.pak 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_scrapbook_Thumbnail.bmp 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-core-startup.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\Network Sharing\ConnectionManager.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\ONENOTE\14\Stationery\BLANK.ONE 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_single.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleUpdateComRegisterShell64.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\GMT 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\viewSelectionChanged.js 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\System\ado\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\delete_down.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Media Player\Media Renderer\RenderingControl.xml 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.engine\profileRegistry\JMC.profile\.data\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-jvmstat.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AG00163_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01186_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\brx\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Mail\wabfind.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-options-keymap_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18223_.WMF 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\DocumentShare\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsTemplates\Hiring Requisition - Customized.fdt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Analysis Services\AS OLEDB\10\msolui100.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD15170_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MAPIR.DLL.IDX_DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\OUTLOOK_COL.HXT 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\Triedit\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4_default_mru_on_win7.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-host-views.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Argentina\Buenos_Aires 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\FLY98SP.POC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libbluray-j2se-1.0.2.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_en-GB.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\CONFLICT.ICO 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\button_mid.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\liblive555_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\en-US\wmlaunch.exe.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\icon.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CONVERT\1033\OLJRNLR.FAE 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_double_bkg.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\IRIS\THMBNAIL.PNG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SceneButtonInset_Alpha1.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\Welcome.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Glace_Bay 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\awt.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099188.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\EquityLetter.Dotx 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\DigSig.api 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libsmb_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libyuy2_i420_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_blue_partly-cloudy.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Stars.htm 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\serialver.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02738U.BMP 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME36.CSS 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveDocumentReview\ActiveTabImageMask.bmp 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libspeex_resampler_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Tashkent 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\SPACER.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Biscay\TAB_OFF.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\update-settings.ini 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\zip.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\winXPBluTSFrame.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Asia\Tashkent 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\Calendar\GlobeButtonImage.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105378.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0188511.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PROOF\MSTH7FR.LEX 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\mip.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PARNT_01.MID 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18202_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libattachment_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_left_rest.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\about.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.text.nl_zh_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\ED00172_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152602.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\VisualElements\SmallLogoDev.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\WATERMAR\WATERMAR.ELM 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CONVERT\1033\OLNOTER.FAE 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_right_hover.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages_zh_HK.properties 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WHIRL2.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libspdif_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\ViewerPS.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Internet Explorer\en-US\F12.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\Calendar\CalendarToolIconImagesMask.bmp 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\plugins\control\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Photo Viewer\PhotoBase.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\37.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\PICTIM32.FLT 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_zh_4.4.0.v20140623020002\about.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-templates.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\net.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH00602_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\SETLANG_COL.HXT 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\WSS\1100.accdt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\RMNSQUE\THMBNAIL.PNG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\images\cursors\win32_LinkDrop32x32.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0195534.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\ONGuide.onepkg 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\Help\1042\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\VSTOMessageProvider.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\Locales\sv.pak 700a1s0ssssd7da.exe File opened for modification C:\Program Files\7-Zip\Lang\id.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Push\push_item.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Internet Explorer\iediagcmd.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ACCDDS.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\NETWORK\THMBNAIL.PNG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN04134_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099173.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OFFXML.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\VBAOWS10.CHM 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\SLATE\SLATE.INF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0186002.WMF 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms5\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins3d\prcr.x3d 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\system_s.png 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\LockUnblock.ppt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\SETLANG_COL.HXC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi422_yuy2_plugin.dll 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\SpeechEngines\Microsoft\TTS20\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\vi\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Workflow.Runtime.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Legal\ENU\eula.ini 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\8.0\Microsoft.VisualStudio.Tools.Applications.Blueprints.tlb 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-tools.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA01627_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Solutions\gradient.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\FLYER11.POC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Mozilla Firefox\gmp-clearkey\0.1\clearkey.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\sv\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\core\locale\org-openide-filesystems_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0213449.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\LAUNCH.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Africa\Khartoum 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\10\Resources\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\SCDRESPS.ICO 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\RMNSQUE\RMNSQUE.ELM 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-host-remote_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-jvm_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GRAPH_COL.HXC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Montreal 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\es\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\control\libhotkeys_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\default_apps\external_extensions.json 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\BabyBlue\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\SIGN.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\45.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\en-US\gadget.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\unpack.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\GrayCheck\TAB_OFF.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.en_CA.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Google\Update\1.3.35.452\goopdateres_es-419.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\WB01238_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR49B.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\LoginTool24x24ImagesMask.bmp 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\GrayCheck\TAB_OFF.GIF 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-api-annotations-common_ja.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN04235_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00382_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\misc\libgnutls_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\NAME.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ONBttnWD.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGMN044.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\BRCHUR11.POC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.rcp_4.4.0.v20141007-2301\feature.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\ADRESPEL.POC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\BROCHURE.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\bg-today.png 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\System\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD02161_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00223_.WMF 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\Adobe\Help\en_US\Adobe Reader\9.0\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\ext\dnsns.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0281904.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD10265_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\DOC.CFG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\auxpad.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.frameworkadmin.equinox.nl_zh_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.reconciler.dropins.nl_ja_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-autoupdate-ui_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolBMPs\TaskbarIconImagesMask256Colors.bmp 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_search_over_BIDI.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\EXCEL_K_COL.HXK 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0304875.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\ShowWait.wmx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_mixer\libinteger_mixer_plugin.dll 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\America\Campo_Grande 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Vilnius 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0199303.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02263_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR28F.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\excelcnv.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Stationery\1033\CURRENCY.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACERCLR.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\jvm.hprof.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Qatar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE01172_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveDocumentReview\ActiveTabImage.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\bPrev-down.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\Ole DB\sqlxmlx.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\photoedge_buttongraphic.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Austin.thmx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Slipstream.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0187835.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02742U.BMP 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00166_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CSS7DATA000A.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Full\NavigationLeft_SelectionSubpicture.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\t2k.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Gibraltar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0152722.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGBARBLL.DPV 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\cronometer_dot.png 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\ks_IN\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\button_play.png 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\Adobe\Acrobat\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\PublicAssemblies\Microsoft.VisualStudio.Tools.Applications.AddInManager.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD21340_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR9B.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolIcons\SessionOwner.ico 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGZIP.DPV 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ONBttnPPT.dll 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\pl\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\novelty_m.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\MS.PNG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\org-netbeans-modules-profiler-snaptracer.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02748U.BMP 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Apex.thmx 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\rtscom.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\handsafe.reg 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\sidebar.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Monaco 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-io_ja.jar 700a1s0ssssd7da.exe File created C:\Program Files\Java\jre7\lib\amd64\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libdemuxdump_plugin.dll 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\cy\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT-7 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0153091.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02126_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\XML2WORD.XSL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_splitter\libclone_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\images\back_lrg.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\background.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\NavigationUp_ButtonGraphic.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Aspect.xml 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Swirl\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\FLYERHM.POC 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Library\SOLVER\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGTOC.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\background.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\nio.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\HH01923_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0185800.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\bg_Earthy.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGBORDER.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\HEADINGBB.POC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_close_down.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\HandPrints.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\CANYON\PREVIEW.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0382966.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0199661.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-new_partly-cloudy.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\BLUEPRNT\BLUEPRNT.INF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Etc\GMT+3 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN00932_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\icon.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PARNT_10.MID 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0336075.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\MSTORE_COL.HXC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\BrightYellow\TAB_ON.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Omsk 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\locale\org-openide-modules_ja.jar 700a1s0ssssd7da.exe File created C:\Program Files\Java\jre7\lib\zi\Pacific\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\lib\zi\Europe\Chisinau 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OneNote\SendToOneNote-PipelineConfig.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGDOTS.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libedgedetection_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-2 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105276.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00512_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH01332U.BMP 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\9.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\YST9YDT 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.rcp.feature_1.2.0.v20140523-0116\META-INF\MANIFEST.MF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-profiler.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0341742.JPG 700a1s0ssssd7da.exe File created C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\css\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\tile_bezel.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\MSBuild\Microsoft.Office.InfoPath.targets 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\ParentMenuButtonIcon.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099180.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Couture.thmx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsViewAttachmentIconsMask.bmp 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\DataServices\FOLDER.ICO 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\WINWORD.DEV_COL.HXC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\BTINTERNET.NET.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft SQL Server Compact Edition\v3.5\sqlceoledb35.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office.en-us\promointl.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\icons\file_obj.gif 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-queries.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02755U.BMP 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libcrystalhd_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ShapeCollector.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Melbourne 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MEDIA\CASHREG.WAV 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\ResourceInternal.zip 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\VSTA\Bin\VSTAClientPkg.dll 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office32.WW\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\ipshrv.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0235241.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\ACCTBOX.POC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Circle_ButtonGraphic.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Oasis\TAB_OFF.GIF 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\VBA\VBA6\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\drag.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ecf.provider.filetransfer.ssl_1.0.0.v20140827-1444.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ADDINS\FAXEXT.ECF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CONVERT\OLNOTE.FAE 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\PresentationFramework.Royale.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0200151.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\usa37.hyp 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\et-EE\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\include\win32\bridge\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.common_5.5.0.165303.jar 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107182.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0230558.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO02793_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\viewDblClick.js 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\Filters.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\unpack200.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00267_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105398.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\nl\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\brt04.hsp 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BS00441_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Technic.thmx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Slate.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Microsoft.Office.Interop.InfoPath.SemiTrust.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\NETWORK\PREVIEW.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Jerusalem 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-nodes_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-coredump.jar 700a1s0ssssd7da.exe File created C:\Program Files\Mozilla Firefox\gmp-clearkey\0.1\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\ApothecaryResume.dotx 700a1s0ssssd7da.exe File created C:\Program Files (x86)\MSBuild\Microsoft\Windows Workflow Foundation\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Biscay.css 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_foggy.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jarsigner.exe 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.rcp.feature_1.2.0.v20140523-0116\META-INF\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\installer.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\WINWORD_COL.HXT 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SWEST_01.MID 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FRENCH.LNG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms4\ViewHeaderPreview.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\YAHOO.CO.IN.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\rtstreamsource.ax 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\logging.properties 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.alert_5.5.0.165303.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE00034_.WMF 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\microsoft shared\TextConv\en-US\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\Text.zip 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\en-US\css\clock.css 700a1s0ssssd7da.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\FORMS\1033\DOCL.ICO 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsHomePageScript.js 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\en-US\micaut.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Newsprint.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\LINES\BD21322_.GIF 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\plugins\video_chroma\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Multimedia\MPP\QuickTime.mpp 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Smart Tag\METCONV.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\jfr.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.help_2.0.102.v20141007-2301\license.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AN02122_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\Gadget_Flyout_Thumbnail_Shadow.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\CSharp\1033\UserControl.zip 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Tbilisi 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.sat4j.pb_2.3.5.v201404071733.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\J0143745.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR00.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.Extensions.Design.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libvorbis_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0214948.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\SUBMIT.JS 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGLBL065.XML 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\ms\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office.en-us\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\DEEPBLUE\DEEPBLUE.INF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14793_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\OUTLWVW.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\SIGN98.POC 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\bn\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\lua\meta\art\03_lastfm.luac 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\services_discovery\libmicrodns_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Black Tie.eftx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18193_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\NAMECONTROLPROXY.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\MYSL.ICO 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows NT\TableTextService\en-US\TableTextService.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR5B.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\lt-LT\tipresx.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.contenttype_3.4.200.v20140207-1251.jar 700a1s0ssssd7da.exe File created C:\Program Files\Java\jre7\lib\zi\America\North_Dakota\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0386270.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libcdg_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\button-highlight.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\specialoccasion.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA02448_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18237_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099146.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0150150.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0238983.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\BULLETS\BD14870_.GIF 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\bg-BG\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.net.nl_zh_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\BL00105_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD00296_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-waning-crescent.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Photo Viewer\ImagingEngine.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\PDIR33F.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\en-US\cpu.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\ENU\VDK10.RSD 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\ink\Microsoft.Ink.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\OFFICE14\AUTOSHAP\BD18243_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\OISINTL.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\DGBOXES.DPV 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\REMINDER.WAV 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\nb-NO\tipresx.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.databinding_1.4.2.v20140729-1044.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD02071_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\NA00391_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\CsiSoap.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\1033\QuickStyles\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\ja\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.Entity.Design.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\bin\jpeg.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Menominee 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.common_2.10.1.v20140901-1043\license.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\J0285410.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PH02746G.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\CONVERT\1033\OLR.SAM 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\whiteband.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Tarawa 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0285462.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0304861.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Bibliography\Style\GostName.XSL 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\te\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office.en-us\OCT.CHM 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\MSB1XTOR.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\t2k.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0107528.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\ink\he-IL\tipresx.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveProjectToolset\WHITEBOX.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\timer_up.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Microsoft.BusinessData.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OLKFSTUB.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\Access\Tasks.accdt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_right_hover.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\THEMES14\PIXEL\PIXEL.INF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\org-netbeans-core-windows_visualvm.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\Publisher\Backgrounds\WB02218_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBSPAPR\ZPDIR19F.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\CPU.Gadget\images\dialdot.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\FD00369_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\XMLSDK5.CHM 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\navBack.png 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\lg\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\delete_over.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\reflow.api 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\Microsoft.Build.Utilities.v3.5.dll 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\SKY\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Stationery\White_Chocolate.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.widgets_1.0.0.v20140514-1823.jar 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\br\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ADDINS\ACCOLK.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGMN020.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\SNIPE.POC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\locale\da\LC_MESSAGES\vlc.mo 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\System\en-US\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-nodes.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099201.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Colors\Grayscale.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AXE8SharedExpat.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\Sounds\Places\WARN.WAV 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\GrooveFormsMetaData.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGMN109.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Updater.api 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\com.jrockit.mc.rjmx.descriptorProvider.exsd 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench_1.2.1.v20140901-1244.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.help.ui.nl_ja_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\EXCEL.DEV_COL.HXT 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsViewAttachmentIcons.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Templates\1033\ExecutiveResume.dotx 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Media Player\Network Sharing\wmpnss_bw48.bmp 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\en-US\msaddsr.dll.mui 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\PE02282_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00199_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\Sounds\Things\SHOT.WAV 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\CommonData\AlertImage_FileOff.jpg 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_gray_foggy.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.osgi.nl_zh_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099193.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Stationery\Soft Blue.htm 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\Ole DB\msdaosp.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Workflow.ComponentModel.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Reader\authplay.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\System\ado\msadomd.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\dblook.bat 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0185796.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\SO00194_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\PST8PDT 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0105230.WMF 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\am\LC_MESSAGES\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\Smart Tag\1033\STINTL.DLL.IDX_DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\INTLDATE.DLL 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\msadc\msdarem.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.frameworkadmin.nl_zh_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.director.nl_zh_4.4.0.v20140623020002.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PUBWIZ\CHECKER.POC 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libopus_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\PAGESIZE\PGMN082.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\TWCUTLIN.DLL 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_smem_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\modern_s.png 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\MSInfo\en-US\Read_Me.txt 700a1s0ssssd7da.exe File created C:\Program Files\Common Files\Microsoft Shared\THEMES14\STRTEDGE\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT+1 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME30.CSS 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0185776.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\OneNote\SendToOneNOteFilter.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\video_filter\libfps_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\System\ado\msjro.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office.en-us\OfficeMUI.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ecf.filetransfer_5.0.0.v20140827-1444.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\nbexec.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\AG00120_.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\images\cronometer.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.DynamicData.Design.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\ResizeCopy.vdw 700a1s0ssssd7da.exe File created C:\Program Files (x86)\Common Files\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\VSTA\Pipeline.v10.0\Contracts\Microsoft.VisualStudio.Tools.Applications.Contract.v9.0.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\flower_trans_RGB_PAL.wmv 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Fonts\Flow.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\PUBFTSCM\SCHEME18.CSS 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\logo.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\spu\libmosaic_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_search_over.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\btn-back-static.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\jp2native.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0099161.JPG 700a1s0ssssd7da.exe File created C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsStyles\Slate\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Document Themes 14\Theme Effects\Origin.eftx 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\locale\co\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\audio_output\libmmdevice_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\ENUtxt.pdf 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\bin\jstack.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ui_2.3.0.v20140404-1657.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jre7\bin\verify.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\DD01162_.WMF 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Icons\SC_Reader.exe 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Clock.Gadget\en-US\gadget.xml 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\license.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms3\FormsHomePage.html 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\1033\GrooveForms5\FormsStyles\Biscay\TAB_OFF.GIF 700a1s0ssssd7da.exe File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\liblibass_plugin.dll 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Windows Journal\Templates\Month_Calendar.jtp 700a1s0ssssd7da.exe File created C:\Program Files\WindowsPowerShell\Read_Me.txt 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Publisher.en-us\PublisherMUI.XML 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\db\bin\NetworkServerControl.bat 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\core\locale\com-sun-tools-visualvm-modules-startup_zh_CN.jar 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\CLIPART\PUB60COR\J0386485.JPG 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Currency.Gadget\en-US\js\localizedStrings.js 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Common Files\microsoft shared\Help\Hx.HxT 700a1s0ssssd7da.exe File opened for modification C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_close_over.png 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\accessibility.properties 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Perth 700a1s0ssssd7da.exe File opened for modification C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsTemplates\Process Library.fdt 700a1s0ssssd7da.exe File created C:\Program Files\VideoLAN\VLC\lua\http\js\Read_Me.txt 700a1s0ssssd7da.exe
Processes
-
C:\Users\Admin\AppData\Local\Temp\700a1s0ssssd7da.exe"C:\Users\Admin\AppData\Local\Temp\700a1s0ssssd7da.exe"1⤵
- Suspicious use of WriteProcessMemory
- Suspicious use of SetThreadContext
PID:1432 -
C:\Users\Admin\AppData\Local\Temp\700a1s0ssssd7da.exe"{path}"2⤵
- Suspicious behavior: EnumeratesProcesses
- Drops startup file
- Drops desktop.ini file(s)
- Drops file in Program Files directory
PID:1708
-
-
C:\Windows\explorer.exeexplorer.exe1⤵
- Modifies service
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Drops desktop.ini file(s)
- Suspicious use of AdjustPrivilegeToken
- Modifies Installed Components in the registry
- Modifies registry class
PID:1220
-
C:\Windows\system32\msiexec.exeC:\Windows\system32\msiexec.exe /V1⤵
- Suspicious use of WriteProcessMemory
- Registers COM server for autorun
- Modifies data under HKEY_USERS
- Drops file in Windows directory
- Suspicious use of AdjustPrivilegeToken
- Modifies registry class
PID:1396 -
C:\Windows\system32\MsiExec.exeC:\Windows\system32\MsiExec.exe -Embedding A40E2ED04E2727DBF153C427B2E529572⤵
- Loads dropped DLL
PID:984
-
-
C:\Windows\syswow64\MsiExec.exeC:\Windows\syswow64\MsiExec.exe -Embedding D94CB1BBA7F37124BD5E31A4633499A12⤵
- Loads dropped DLL
PID:1844
-
-
C:\Windows\system32\MsiExec.exeC:\Windows\system32\MsiExec.exe -Embedding 5EA55115B4AAB63381E115DC40A8431C M Global\MSI00002⤵
- Loads dropped DLL
PID:916
-
-
C:\Windows\syswow64\MsiExec.exeC:\Windows\syswow64\MsiExec.exe -Embedding C1854D035F208C0574468F8E241C7052 M Global\MSI00002⤵
- Suspicious use of WriteProcessMemory
- Loads dropped DLL
PID:1852 -
C:\Windows\syswow64\wevtutil.exe"wevtutil.exe" im "C:\Program Files\Microsoft Office\Office14\BCSEvents.man"3⤵
- Suspicious use of WriteProcessMemory
PID:620 -
C:\Windows\System32\wevtutil.exe"wevtutil.exe" im "C:\Program Files\Microsoft Office\Office14\BCSEvents.man" /fromwow644⤵PID:1840
-
-
-
-
C:\Windows\explorer.exeexplorer.exe1⤵
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of AdjustPrivilegeToken
- Modifies Installed Components in the registry
- Modifies registry class
PID:1620
-
C:\Windows\explorer.exeexplorer.exe1⤵
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Modifies Installed Components in the registry
- Modifies registry class
PID:608
-
C:\Windows\explorer.exeexplorer.exe1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Modifies service
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Modifies Installed Components in the registry
- Modifies registry class
PID:1572